[keycloak-user] Identity Brokering, external IDP require nonce
triton oidc
triton.oidc at gmail.com
Mon Mar 26 09:31:58 EDT 2018
Hi,
In my scenario, I'm using Keycloak as an IDP broker.
It works fine with a lot of configuration.
I built Keycloak from source 3 weeks ago.
However, the IDP I'm trying to integrate right now requires a nonce in the
first call on the authorization endpoint.
https://myidp.com/authorize?scope=openid+profile&state=state&response_type=code&client_id=clientid&redirect_uri=redirect_uri
fails,
but if I manually add "&nonce=1234" in the URL it works.
I could not find an option in the external IDP concerning this nonce
generation.
Did I miss something?
Should I ask for a feature and wait for someone to look at it?
Any help would be appreciated.
Thanks a lot
Amaury
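
Added example, not part of the original post and not Keycloak code: a Python sketch of what a relying party (here, the broker) does when the upstream IDP requires a nonce. It generates a fresh value per authorization request, keeps it server-side, and compares it with the "nonce" claim of the returned ID token. The function names and the broker redirect URI are hypothetical, and the ID token claims are assumed to have been signature-verified already.

```python
import hmac
import secrets
from urllib.parse import urlencode


def build_authorization_request(authorize_endpoint, client_id, redirect_uri,
                                scope="openid profile"):
    """Return (url, session); session holds the values to keep server-side."""
    session = {
        "state": secrets.token_urlsafe(32),  # binds the redirect to this browser session
        "nonce": secrets.token_urlsafe(32),  # binds the ID token to this request
    }
    params = {
        "scope": scope,
        "state": session["state"],
        "nonce": session["nonce"],
        "response_type": "code",
        "client_id": client_id,
        "redirect_uri": redirect_uri,
    }
    return authorize_endpoint + "?" + urlencode(params), session


def _same(expected, received):
    # Constant-time comparison; anything that is not a string never matches.
    return isinstance(received, str) and hmac.compare_digest(
        expected.encode(), received.encode())


def check_callback(session, returned_state, id_token_claims):
    """Check state from the redirect and nonce from the ID token claims.

    Assumption: id_token_claims is the payload of an ID token whose
    signature, issuer, audience and expiry were verified beforehand.
    """
    if not _same(session["state"], returned_state):
        return False, "state mismatch"
    if not _same(session["nonce"], id_token_claims.get("nonce")):
        return False, "nonce missing or mismatch"
    return True, "ok"


if __name__ == "__main__":
    # Constructed values: endpoint and client_id from the post, redirect URI made up.
    url, sess = build_authorization_request(
        "https://myidp.com/authorize", "clientid", "https://broker.example/callback")
    print(url)
    print(check_callback(sess, sess["state"], {"nonce": sess["nonce"]}))
    print(check_callback(sess, sess["state"], {"nonce": "1234"}))
```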