Re: [keycloak-user] keycloak 5.0 integration with FranceConnect (IDP provider) no longer working
Le 2019-04-15 08:58, Olivier Rivat a écrit :
Hi Cedric,
Please find attached my demo realm json file of KC 5.0.
(client secret is strarred).
TO add the idp provider, I select add user provider and select
"keycloak openID provider".
After this, I do select all teh fields manually.
You are using the "Keycloak OpenId Connect" provider which, I think,
should only be used between two keycloak instances. With France Connect,
you want to use the "OpenId connect v1.0" provider which will not add
the Client_Session_State Parameter.
As I said in my first message, you can also try our extension
https://github.com/InseeFr/Keycloak-FranceConnect which is already
tested with keycloak 5.0.0.
Cédric
Regards,
Olivier Rivat
Le 15/04/2019 à 08:18, cedric(a)couralet.eu a écrit :
> Le Lundi, Avril 15, 2019 08:11 CEST, Olivier Rivat <orivat(a)janua.fr>
> a écrit:
>
>> Hi Cedric,
>>
>> I am integrating KC (SP) to FranceConnect (IDP) dierctly out of
>> the box.
>> I haven't written any KC code module extension and FranceConnect
>> is
>> configured as an IDP for KC.
>
> Could you share your Idp configuration (minus the secrets) ?
> Did you choose "keycloak OpenId Connect" or "OpenId Connect
v1.0".
> How did you test from one version to another (export/import, manual
> conf, upgrade?)
>
> Cédric,
>
>> FranceConnect Integration is working fine with KC 4.81, but it is
>> failing with KC 5.00.
>> Only diff I noticed is that internally there is this
>> client_session_state flag added with KC 5.0.
>> This is what makes the integration failing
>>
>> Regards,
>>
>> Olivier Rivat
--
[1] [2] [3]
Olivier Rivat
CTO
orivat(a)janua.fr
Gsm: +33(0)682 801 609
Tél: +33(0)489 829 238
Fax: +33(0)955 260 370
http://www.janua.fr [4]
[3]
Links:
------
[1] http://www.janua.fr/images/logo-big-sans.png
[2] http://www.janua.fr/images/LogoSignature.gif
[3] http://www.janua.fr/images/6g_top.gif
[4] http://www.janua.fr/
