On 12/03/18 12:43, Fernando Quiroga wrote:
Hi everyone,
I'm following this post
http://blog.keycloak.org/
2017/03/how-to-setup-ms-ad-fs-30-as-brokered.html to configure my
application to login with AD FS with SAML protocol.
My setup is an Angular 5 UI using the keycloak-js adaptarter. When the app
starts I launch Keycloak.init({ onLoad: 'login-required'}) method for
making the Keycloak login page to appear. right now I'm able to login usin
email and password or by clicking the SAML SSO button and login thorught
the AD FS login page.
What I want to do? I want to Keycloak to trigger the SAML SSO before
showing the login screen, I mean, if in my pc I'm loged with and AD FS
account I want Keycloak to log me in directly with this account and only
get me to the login page if I'm not a member of the AD FS so I'm could be
able to login via email and password.
We have parameter "kc_idp_hint" ef
which can be used to automatically
redirect to specified IDP.
But I am not sure if it works, so that it automatically detects if you
are logged there. In worst case, you may need to write your own custom
Authenticator to achieve exactly what you want.
Marek
Regards
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user