Hi there,Ok, the customer organisation has a corporate PKI infrastructure where instead of username/passwords users are issued certificates. These certificates are used as the credentials for logging in to web applications.I'd like to understand what I would need to do for Keycloak to accept this certificate from the browser as a credential, instead of password or OTP. Similar to the way it can accept a Kerberos ticket?Sincere thanks,JonCan you elaborate a bit on exactly what you want? "integrate our app suite with their enterprise PKI solution for IDP and SSO" is a bit vague.On 6 September 2016 at 12:38, Jonathan Rathbone <getjonrathbone@gmail.com> wrote:
Hi there,
hope you can help. I’ve searched the documentation, and nothing seems to jump out that clarifies this so…
I have a set of web apps and services, all secured with Keycloak using OAuth and JWT, with Single-Sign-On.
I have a potential customer who is looking for us to integrate our app suite with their enterprise PKI solution for IDP and SSO.
Is there a way that Keycloak can enable this for us, so that we can keep our app architecture isolated from the customers specific security architecture, or will we have to produce a version of our apps and services that have a dedicated integration to the enterprise PKI solution’s services?
Sorry if this is a bit of noob question!
sincere thanks,
Jon
_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user