[keycloak-user] Upload of SAML SP/Client metadata and detection of NameIdFormat

Gabriel Lavoie glavoie at gmail.com
Fri Mar 25 15:02:30 EDT 2016 

I did it through both the admin console and the
RealmResource.convertClientDescription(<xml SP metadata>) API to retrieve a
ClientRepresentation object with the same result.

As I see, in the UI, the "email", "transient" and "persistent" formats
could be auto-detected. A fallback to "username" if the value isn't
recognized would be an acceptable behavior.

Gabriel

2016-03-25 13:52 GMT-04:00 Bill Burke <bburke at redhat.com>:

> You imported a SAML SP metadata XML file into the admin console?  IIRC, I
> didn't populate this because multiple nameID formats are allowed to be
> specified.  Guess I should just pick one at least.
>
>
> On 3/25/2016 10:43 AM, Gabriel Lavoie wrote:
>
> Hi,
>      I'm trying to pre-configure a SAML 2.0 SP/Client in a realm with the
> upload of its metadata in XML format. The metadata I have currently tells
> that it wants the e-mail address as the NameIdFormat:
>
>
> <md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat>
>
> After uploading the metadata, the Name ID Format attribute is set to
> "username" which seems to be the default value.
>
> Tested with 1.8.0 and 1.9.1
>
> Is this the expected/desired behavior or this is something that Keycloak
> could extract?
>
> Thank you,
>
> Gabriel
>
> --
> Gabriel Lavoie
> glavoie at gmail.com
>
>
> _______________________________________________
> keycloak-user mailing listkeycloak-user at lists.jboss.orghttps://lists.jboss.org/mailman/listinfo/keycloak-user
>
>
> --
> Bill Burke
> JBoss, a division of Red Hathttp://bill.burkecentral.com
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>



-- 
Gabriel Lavoie
glavoie at gmail.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160325/3619cc1d/attachment.html

More information about the keycloak-user mailing list