[keycloak-user] Keycloak & Okta

John D. Ament john.d.ament at gmail.com
Mon Feb 20 07:18:08 EST 2017


Ok, so I was able to get SP initiated working fine.  I had only tried IDP
when I sent this mail out.

I'm going through this doc, and it's not clear to me in a few areas:
https://keycloak.gitbooks.io/server-adminstration-guide/content/topics/clients/saml/idp-initiated-login.html

- I have my application (the SP) and the SAML IDP (Okta in this case).  I
have a link on the Okta portal to log in automatically to my SP.
- I think the webpage is saying that this only works if I'm using the SAML
connector for Keycloak, is that accurate?
- All of my Okta settings are from getting SP initiated working.  Do any of
those need to change?
- Do I in fact set up Okta as a SAML client in Keycloak?

John

On Sun, Feb 19, 2017 at 8:47 PM John D. Ament <john.d.ament at gmail.com>
wrote:

> Hi
>
> Just wondering, has anyone set up Keycloak w/ Okta?  Every time I try to
> authenticate (both SP initiated and IdP initiated) it fails with this error:
>
> 01:40:54,626 WARN  [org.keycloak.events] (default task-7)
> type=IDENTITY_PROVIDER_LOGIN_ERROR, realmId=tenant1, clientId=null,
> userId=null, ipAddress=172.17.0.1, error=staleCodeMessage
> 01:40:54,627 ERROR [org.keycloak.services.resources.IdentityBrokerService]
> (default task-7) staleCodeMessage
>
> I suspect it's a setup issue on my side, so was hoping someone else has
> tried this and can give tips.  I even tried the import feature, no luck.
>
> John
>

