[keycloak-user] SAML IDP seamless SSO
Devlin, Martin
martin.devlin at pearson.com
Wed Aug 1 09:50:32 EDT 2018
Hi,
I am setting up a SAML IDP. The user will already exist in Keycloak, I want
that user linked to the IDP.
What I want is for the user to be linked invisibly, without having to do
anything.
I have disabled the following in the First Broker Login flow:
```
first broker login/idp-review-profile set to DISABLED
first broker login/idp-confirm-link set to DISABLED
first broker login/idp-email-verification set to DISABLED
```
This gets rid of the dialogs to confirm profile and email verification.
But there's another setting that I can't disable: "
Username Password Form For Identity Provider Reauthentication"
So as it is the user has to authenticate against the IDP (which is what I
want) but then also against Keycloak (which I don;t want).
Thanks,
Martin
More information about the keycloak-user
mailing list