[keycloak-user] StaleCodeMessage on IDP Initiated SAML SSO
Chris Brandhorst
Chris.Brandhorst at topicus.nl
Fri Oct 7 16:43:07 EDT 2016
I have two Keycloak instances, A is an IdP for B. From the login screen of B, this works as it should.
However, I can’t get IDP Initiated SSO from A to B to work. I filled the "IDP Initiated SSO URL Name” field with a name (say “bbbbb”) in A.
When I try to navigate to: http://aaaaa/auth/realms/his/protocol/saml/clients/bbbbb
i always end up with the following logging:
22:42:02,993 DEBUG [org.keycloak.services] (default task-23) Authorization code is not valid. Code: null
22:42:02,994 WARN [org.keycloak.events] (default task-23) type=IDENTITY_PROVIDER_LOGIN_ERROR, realmId=master, clientId=null, userId=null, ipAddress=127.0.0.1, error=staleCodeMessage
22:42:02,994 ERROR [org.keycloak.services] (default task-23) staleCodeMessage
Which in itself is not surprising, because indeed, there is no Authorization code in play here, but that’s the whole idea of IDP Initiated SSO, no?
What must I do to get this to work?
Thanks,
Chris Brandhorst
More information about the keycloak-user
mailing list