I did it through both the admin console and the RealmResource.convertClientDescription(<xml SP metadata>) API to retrieve a ClientRepresentation object with the same result.

As I see, in the UI, the "email", "transient" and "persistent" formats could be auto-detected. A fallback to "username" if the value isn't recognized would be an acceptable behavior.

Gabriel

2016-03-25 13:52 GMT-04:00 Bill Burke <bburke@redhat.com>:

You imported a SAML SP metadata XML file into the admin console? IIRC, I didn't populate this because multiple nameID formats are allowed to be specified. Guess I should just pick one at least.

On 3/25/2016 10:43 AM, Gabriel Lavoie wrote:
Hi,
I'm trying to pre-configure a SAML 2.0 SP/Client in a realm with the upload of its metadata in XML format. The metadata I have currently tells that it wants the e-mail address as the NameIdFormat:

<md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat>

After uploading the metadata, the Name ID Format attribute is set to "username" which seems to be the default value.

Tested with 1.8.0 and 1.9.1

Is this the expected/desired behavior or this is something that Keycloak could extract?

Thank you,

Gabriel

--

Gabriel Lavoie
glavoie@gmail.com
_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
-- Bill Burke JBoss, a division of Red Hat http://bill.burkecentral.com
_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user

Gabriel Lavoie
glavoie@gmail.com