What does your authnrequest look like? ADFS is really fickle about format.
Common issues with the authnrequest are:
3. Sha1 signature
#1 is the biggest issue I see. You need to write a claims rule in adfs to
make sure it maps properly or just remove the nameidformat from the
CTO, Tremolo Security, Inc.
On Jul 28, 2016 6:22 AM, "Robert van Loenhout"
I’m trying to use Keycloak 2.0.0.Final with AD FS 2.0 as an identity
provider. I think I’ve set up everything, but I am getting an internal
error from keycloak.
The server log contains
2016-07-28 11:08:32,510 ERROR [io.undertow.request] (default task-37)
UT005023: Exception handling request to
org.keycloak.broker.provider.IdentityBrokerException: Could not process
response from SAML identity provider.
The root cause is “No assertion from response”
So far the only information about this I have found so far is a keycloak
Has anyone got any luck using AD FS in combination with keycloak?
Is there any configuration I could change in AD FS or Keycloak or
workaround this problem?
keycloak-user mailing list