<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<meta name="Generator" content="Microsoft Word 14 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:Wingdings;
panose-1:5 0 0 0 0 0 0 0 0 0;}
@font-face
{font-family:Wingdings;
panose-1:5 0 0 0 0 0 0 0 0 0;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri","sans-serif";
mso-fareast-language:EN-US;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
span.Shkpostityyli17
{mso-style-type:personal-compose;
font-family:"Calibri","sans-serif";
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-family:"Calibri","sans-serif";
mso-fareast-language:EN-US;}
@page WordSection1
{size:612.0pt 792.0pt;
margin:70.85pt 2.0cm 70.85pt 2.0cm;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="FI" link="blue" vlink="purple">
<div class="WordSection1">
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><span lang="EN-US">Hello all,<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">Is there any examples on how to get Keycloak SAML authorization up and running?<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">Keycloak SAML authentication is already up and running across two distinct web applications. My SAML authentication already includes a couple of user properties and attributes, but I’m not able to find any info about
what is the right and correct way to establish authorization with keycloak saml, saml metadata perhaps?<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">Could you please point me to right direction? SAML authorization examples would be great, or is “picketlink-federation –saml-sp-with-metadata” example all that I need to know?<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">Reason for above question is that I want to get rid of our own web-application specific authorization mechanism!
<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">Yes, and the answer to your follow-up question is, that our environment is wf 9.0.1
</span><span lang="EN-US" style="font-family:Wingdings">J</span><span lang="EN-US">
</span><span lang="EN-US" style="font-family:Wingdings">è</span><span lang="EN-US"> wf saml adapter is in use..<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">Yours:<br>
Jukka<o:p></o:p></span></p>
</div>
<br>
<font color="gray"><font face="Arial" size="2">
<hr>
<br>
Tämä sähköpostiviesti (liitteineen) saattaa sisältää luottamuksellista tietoa, joka on tarkoitettu
<br>
vain vastaanottajalleen. Jos et ole oikea vastaanottaja, ilmoita viestin lähettäjälle tapahtuneesta
<br>
virheestä ja tuhoa viesti välittömästi. Viestin luvaton julkaiseminen, kopioiminen, jakelu tai muu
<br>
käyttö tai toimenpiteisiin ryhtyminen sen perusteella on ehdottomasti kielletty. <br>
<br>
This message (including any attachments) may contain confidential information intended for
<br>
the person or entity to which it is addressed. If you are not the intended recipient, notify the
<br>
sender and delete this message immediately. Notice that disclosing, copying, distributing or any
<br>
other use of the message and its information, or taking any action based on it, is strictly prohibited.
<br>
<br>
<hr>
</font></font>
</body>
</html>