[keycloak-user] Help with SSO

[Adam Keily]

What is your custom SSO application. Does it support SAML or OIDC? If it does, you should be able to configure it as both an Identity Provider and a client in Keycloak to achieve what you call silent login which I presume is just federated login.

-----Original Message-----
From: keycloak-user-bounces at lists.jboss.org [mailto:keycloak-user-bounces at lists.jboss.org] On Behalf Of Jorge M.
Sent: Thursday, 4 May 2017 1:14 AM
To: keycloak-user at lists.jboss.org
Subject: Re: [keycloak-user] Help with SSO

Hi there,

I'm sorry for insisting again... Anyone can help me to find the best approach?

Thank you!
JM

2017-04-27 18:28 GMT+01:00 Jorge M. <jm85martins at gmail.com>:

> Hi,
>
> In the past some systems inside my company were using a custom made
> sso implementation that had the ability to do silent login among them.
> On of that systems was completly refactored and is using keycloak for
> authentication and authorization. Since than, we lost that silent
> login feature with the other systems.
> We assumed that it was ok to lost this feature for a while but now we
> are trying to implement the silent login again.
>
> So..summing up:
> - System "A" is using keycloak with a realm "RealmA" with multiple
> clients
> (modules) with sso between them.
> - Other systems "B", "C" with their custom authentication and
> authorization
> - We are using a custom federation on keycloak over the same users
> database that is shared among all the systems.
>
> What's the best practise to achieve sso between all the systems?
> We are thinking about a proxy that detects if the user has a session
> on some of the other systems and if that is true, we programatically
> create a session on keycloak for a given (Is this possible with the API?).
>
> Thank you,
> JM
>
_______________________________________________
keycloak-user mailing list
keycloak-user at lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user