[keycloak-user] Keycloak configuring SAML clients

John Dennis jdennis at redhat.com
Tue Aug 14 09:53:19 EDT 2018


On 08/14/2018 09:26 AM, Rafael Weingärtner wrote:
> Hello Keycloakers,
> 
> I am trying to integrate Keycloak with an SP using SAML. I downloaded
> keycloak metadata using
> https://<server>/auth/realms/<realmName>/protocol/saml/descriptor.
> I configured this metadata in my metadata provider (for the whole
> federation). The SPs now can see the IdP (Keycloak). How do I configure
> Keycloak to use my federation metadata? I mean, instead of configuring
> each client manually, keycloak could read this descriptor file, and get the
> Keys (public keys of service providers) and URLs from there. At least that
> is how we are used to doing it when using Shibboleth.

Using the Web Admin GUI, go to the relevant realm page. In the left 
panel is a "Clients" tab, click on that. On the "Clients" page click on 
"Create" in the upper right. On the "Add Client" page is an "import" box,
enter your SP metadata there. Make sure the client protocol is set to saml.


-- 
John Dennis
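
Added example, not part of the original message and not Keycloak code: the question starts from a federation-wide metadata file while the reply imports SP metadata one client at a time, so this sketch splits an aggregate into one EntityDescriptor per SP and lists the ACS URLs and signing certificates to review before each import. The sample aggregate, entity IDs and certificate strings are constructed placeholders, and the code assumes the aggregate's signature has already been verified.

```python
import xml.etree.ElementTree as ET

MD = "urn:oasis:names:tc:SAML:2.0:metadata"
DS = "http://www.w3.org/2000/09/xmldsig#"
ET.register_namespace("md", MD)
ET.register_namespace("ds", DS)

# Constructed sample aggregate (placeholder entities and certificates).
SAMPLE = f"""<md:EntitiesDescriptor xmlns:md="{MD}" xmlns:ds="{DS}">
 <md:EntityDescriptor entityID="https://sp1.example.org/saml">
  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
   <md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>
    <ds:X509Certificate>PLACEHOLDERCERT1</ds:X509Certificate>
   </ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
   <md:KeyDescriptor use="encryption"><ds:KeyInfo><ds:X509Data>
    <ds:X509Certificate>PLACEHOLDERCERT2</ds:X509Certificate>
   </ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
   <md:AssertionConsumerService index="0"
     Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
     Location="https://sp1.example.org/saml/acs"/>
  </md:SPSSODescriptor>
 </md:EntityDescriptor>
 <md:EntityDescriptor entityID="https://idp.example.org/idp">
  <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"/>
 </md:EntityDescriptor>
</md:EntitiesDescriptor>"""


def split_service_providers(aggregate_xml):
    """Map each SP entityID to its ACS URLs, signing certs and standalone XML."""
    # Assumption: the aggregate's signature was verified before this is called.
    root = ET.fromstring(aggregate_xml)
    clients = {}
    for entity in root.iter(f"{{{MD}}}EntityDescriptor"):
        sp = entity.find(f"{{{MD}}}SPSSODescriptor")
        if sp is None:
            continue  # IdP-only entries are not candidates for a SAML client
        certs = []
        for kd in sp.findall(f"{{{MD}}}KeyDescriptor"):
            if kd.get("use") in (None, "signing"):  # no "use" means both uses
                certs += ["".join(c.text.split())
                          for c in kd.iter(f"{{{DS}}}X509Certificate") if c.text]
        clients[entity.get("entityID")] = {
            "acs": [a.get("Location") for a in
                    sp.findall(f"{{{MD}}}AssertionConsumerService")],
            "signing_certs": certs,
            "descriptor_xml": ET.tostring(entity, encoding="unicode"),
        }
    return clients
```

Each `descriptor_xml` value is a single-entity document that can be saved to a file and reviewed before it is entered as SP metadata for one client.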

