There's no limit with the buttons, although it would become unusable. You can change this by creating your own theme though and use a drop down or whatever you'd like.

Another idea is something we've discussed before which is to register certain email domains with a specific IdP. For example <user>@corp.com is automatically redirected to idp.corp.com. With the new authenticator SPI you could create this flow yourself and remove the password field from the initial screen.

You may end up wanting to implement an authenticator for this in either case so you can add a cookie to remember the last used IdP.

When you use identity brokering in Keycloak, Keycloak becomes the "Service Provider" in the external IdP, not the individual clients. So only the Keycloak server has to be registered with the external IdP.

On 20 October 2015 at 17:33, Jérôme Blanchard <jayblanc@gmail.com> wrote:

Hi all,

I'm trying to integrate keycloak in a federation of indentities (shibolleth) using the SAMLv2 Identity Provider. The problem is that the federation count something like 100 Identity Providers and I'm afraid of the L&F of the GUI as for now, adding 3 of them is creating a button for each. Is there is a limit or something that creates a drop down menu ? (like this list https://discovery.renater.fr/renater)
The goal for me is to create a kind of parser for this idps list :
http://federation.renater.fr/renater/idps-renater-metadata.xml
in order to parse this list and maintain my IDPs in keycloak up to date.

Another question is : is each client in keycloak has to be declared as a Service Provider or only the keycloak server ?

If you have any feedback for shibolleth federation integration using keycloak I'll be very glad to share them.

Thanks a lot, Best Regards, Jérôme.

_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user