Hi Yann,
Script-based authenticator should be perfect here. For how to implement redirection to
IdP, take a look at how it is done in IdentityProviderAuthenticator (that shows in the GUI
as "Identity Provider Redirector"):
List<IdentityProviderModel> identityProviders =
context.getRealm().getIdentityProviders();
https://github.com/keycloak/keycloak/blob/master/services/src/main/java/o...
Basically, you'll need to implement the same in JavaScript.
Good luck!
Dmitry Telegin
CTO, Acutus s.r.o.
Keycloak Consulting and Training
Pod lipami street 339/52, 130 00 Prague 3, Czech Republic
+42 (022) 888-30-71
E-mail: info(a)acutus.pro
On Wed, 2018-07-25 at 13:10 +0000, Yann Jouanin wrote:
Hello,
We are using keycloak with multiple IdP from our customers. Because
we don't want to offer a list of Idp (customer A can't use the idp of
customer B), I would like to prompt the user for the email address
first and decide then to redirect to a specific IdP based on the
domain as an example.
Does somebody here can advise me on the greatest way to implement
this behavior?
My first thought was to use a custom flow with a script, but I can't
find how to specify the idp to use using script.
Best regards,
Yann Jouanin
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user