[keycloak-user] Keycloak & SAML Invalid Response

Rémi GOYARD r.goyard at groupeonepoint.com
Tue Aug 28 03:17:46 EDT 2018


Hi All,

I just tried to use the Auth0 service and it worked with Workplace by Facebook (following this documentation: https://scontent-cdt1-1.xx.fbcdn.net/v/t39.2365-6/33246377_951880651638808_7491240743177027584_n.pdf?_nc_cat=0&oh=266ec47aacfd6aad53e67d33b4b5a502&oe=5C2DC62A).

It seems that Keycloak does not produce a valid response for the email mapping. The above documentation specifies the following configuration steps, but I really don't know how to map them in Keycloak:


{
  "audience": "https://www.facebook.com/company/ID",
  "recipient": "https://workplace.facebook.com/work/saml.php",
  "mappings": { "email": "Email" },
  "nameIdentifierFormat": "urn:oasis:names:tc:SAML:2.0:nameid-format:email",
  "nameIdentifierProbes": [ "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" ]
}

I think that I need to specify this information:

  "nameIdentifierFormat": "urn:oasis:names:tc:SAML:2.0:nameid-format:email",
  "nameIdentifierProbes": [ "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" ],

Does anyone have any ideas?

Regards

Rémi
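
Added example, not part of the original message or of Keycloak: a small check that compares a decoded SAML response with the audience, recipient and NameID format from the configuration quoted above, to show which field the service provider would reject. The sample XML is constructed, the function names are hypothetical, the "@" test for an email-valued NameID is an assumption, and no signature is verified.

```python
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
# Expected values, copied from the configuration quoted in the message.
EXPECTED = {
    "audience": "https://www.facebook.com/company/ID",
    "recipient": "https://workplace.facebook.com/work/saml.php",
    "nameid_format": "urn:oasis:names:tc:SAML:2.0:nameid-format:email",
}
# Constructed sample response (not captured from a real IdP), left unsigned.
SAMPLE = """<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
  <saml:Assertion>
    <saml:Subject>
      <saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">G-1234</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData Recipient="https://workplace.facebook.com/work/saml.php"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions>
      <saml:AudienceRestriction>
        <saml:Audience>https://www.facebook.com/company/ID</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
  </saml:Assertion>
</samlp:Response>"""

def extract_fields(xml_text):
    """Pull out the fields that the SP configuration constrains."""
    root = ET.fromstring(xml_text)  # use defusedxml for XML you do not control
    name_id = root.find(".//saml:Subject/saml:NameID", NS)
    scd = root.find(".//saml:SubjectConfirmationData", NS)
    aud = root.find(".//saml:AudienceRestriction/saml:Audience", NS)
    return {
        "audience": aud.text.strip() if aud is not None and aud.text else None,
        "recipient": scd.get("Recipient") if scd is not None else None,
        "nameid_format": name_id.get("Format") if name_id is not None else None,
        "nameid_value": name_id.text.strip() if name_id is not None and name_id.text else None,
    }

def mismatches(xml_text, expected=EXPECTED):
    """Return {field: (expected, actual)} for every field that differs."""
    got = extract_fields(xml_text)
    diff = {k: (v, got[k]) for k, v in expected.items() if got[k] != v}
    # Assumption: the "email" mapping means the NameID must carry an address.
    if got["nameid_value"] is None or "@" not in got["nameid_value"]:
        diff["nameid_value"] = ("an email address", got["nameid_value"])
    return diff
```

Run it on the XML obtained by base64-decoding the SAMLResponse form field; an empty result means these three fields and the NameID value match what the configuration asks for.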

