[keycloak-user] StaleCodeMessage on IDP Initiated SAML SSO

Stian Thorgersen sthorger at redhat.com
Mon Oct 17 11:58:27 EDT 2016


Looks like it might be a bug. Can you create a JIRA please?

On 7 October 2016 at 22:43, Chris Brandhorst <Chris.Brandhorst at topicus.nl>
wrote:

> I have two Keycloak instances, A is an IdP for B. From the login screen of
> B, this works as it should.
> However, I can’t get IDP Initiated SSO from A to B to work. I filled the
> “IDP Initiated SSO URL Name” field with a name (say “bbbbb”) in A.
> When I try to navigate to:
> http://aaaaa/auth/realms/his/protocol/saml/clients/bbbbb
> I always end up with the following logging:
>
> 22:42:02,993 DEBUG [org.keycloak.services] (default task-23) Authorization
> code is not valid. Code: null
> 22:42:02,994 WARN  [org.keycloak.events] (default task-23)
> type=IDENTITY_PROVIDER_LOGIN_ERROR, realmId=master, clientId=null,
> userId=null, ipAddress=127.0.0.1, error=staleCodeMessage
> 22:42:02,994 ERROR [org.keycloak.services] (default task-23)
> staleCodeMessage
>
> Which in itself is not surprising, because indeed, there is no
> Authorization code in play here, but that’s the whole idea of IDP Initiated
> SSO, no?
>
> What must I do to get this to work?
>
> Thanks,
> Chris Brandhorst

