[keycloak-user] OAuth2 with SAML2.0 Authentication

Maurício Giacomini Penteado mauriciogiacomini at hotmail.com
Tue Feb 12 11:48:16 EST 2019 

Hi folks,


I did not know that keycloak could be installed as a broker to a SAML IdP. @Pedro Igor Silva - Many thanks for your help.


I have one more question about that. Please, if anyone more can help me, let me know.


What you think?
Would it be possible to have keycloak as a broker to a set of applications providing and consuming REST services, but keep the SAML IdP directly accessible to legacy applications providing and consuming SOAP services?


Kind regards,
Mauricio.


________________________________
De: Pedro Igor Silva <psilva at redhat.com>
Enviado: segunda-feira, 11 de fevereiro de 2019 14:57
Para: Maurício Giacomini Penteado
Cc: keycloak-user at lists.jboss.org
Assunto: Re: [keycloak-user] OAuth2 with SAML2.0 Authentication

Hi,

You should be able to use OpenID protocol to your applications if Keycloak is configured as a broker to your existing SAML IdP. See https://www.keycloak.org/docs/latest/server_admin/index.html#_identity_broker<https://nam01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.keycloak.org%2Fdocs%2Flatest%2Fserver_admin%2Findex.html%23_identity_broker&data=02%7C01%7C%7Cf0f5de3a082a467a71e208d690314edf%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C636854938777594826&sdata=EpKOdcUX%2Foy8QmLhxla2ya8G9N13H9ewcdOAMlOtHKk%3D&reserved=0>.

Regards.
Pedro Igor

On Mon, Feb 11, 2019 at 12:17 PM Maurício Giacomini Penteado <mauriciogiacomini at hotmail.com<mailto:mauriciogiacomini at hotmail.com>> wrote:
Hi folks

I am working with some legacy systems that rely on an identity server based on SAML tokens.
Therefore, I do not have the excellent features provided by the OAuth2, OpenID, and UMA specifications on these systems.

I am looking for some documents to help me activate Keycloak as an identity server that works with OAuth2, but using SAML tokens for authentication.
It would help a lot if such configurations were possible. Please, if anyone knows documents to help me, let me know.

Kind regards,
Mauricio.

_______________________________________________
keycloak-user mailing list
keycloak-user at lists.jboss.org<mailto:keycloak-user at lists.jboss.org>
https://lists.jboss.org/mailman/listinfo/keycloak-user<https://nam01.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.jboss.org%2Fmailman%2Flistinfo%2Fkeycloak-user&data=02%7C01%7C%7Cf0f5de3a082a467a71e208d690314edf%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C636854938777604837&sdata=SYD1YyIIZO5NWe4nrN4RZGpyQhV4wa%2F9Isf3yHRuqkI%3D&reserved=0>

More information about the keycloak-user mailing list