<div dir="ltr">Not at the moment, but it will be possible in 2.2.0.CR1 which will allow you to set an empty value for kc_idp_hint which will override the default identity provider.</div><div class="gmail_extra"><br><div class="gmail_quote">On 29 August 2016 at 20:34, Gabriel Lavoie <span dir="ltr"><<a href="mailto:glavoie@gmail.com" target="_blank">glavoie@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Hi,<div> we are currently using Keycloak as a broker to do the SAML authentication to an external service for us. Keycloak is configured to authenticate the user with an external IdP (our application) that is set with the "Authenticate by default" flag to ON.</div><div><br></div><div>Is it possible to still force the display of the Keycloak login page, but only for some scenarios? We would like to have system integration users that don't exist in our application (not exposed to our customers), but would still be usable to access the external service (with proper roles).</div><div><br></div><div>Thanks,</div><div><br></div><div>Gabriel<span class="HOEnZb"><font color="#888888"><br clear="all"><div><br></div>-- <br><div data-smartmail="gmail_signature">Gabriel Lavoie<br><a href="mailto:glavoie@gmail.com" target="_blank">glavoie@gmail.com</a></div>
</font></span></div></div>
<br>______________________________<wbr>_________________<br>
keycloak-user mailing list<br>
<a href="mailto:keycloak-user@lists.jboss.org">keycloak-user@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" rel="noreferrer" target="_blank">https://lists.jboss.org/<wbr>mailman/listinfo/keycloak-user</a><br></blockquote></div><br></div>