Re: [keycloak-user] kc_idp_hint parameter is being ignored

We're using the keycloak.js adapter. I've tried a couple of things, but am still not able to get it to work. Within our adapter, we're instantiating keycloak with the following (more or less): keycloak = new Keycloak({ url: "mykeycloak.com/auth/", realm: "myrealm", clientId: "myclient", checkLoginIframe: false }); I tried to add the following immediately after the code block below: keycloak.createLoginUrl({ idpHint: 'myIdP' }); But that generated an error: Argument of type '{ idpHint: string; }' is not assignable to parameter of type 'LoginOptions'. Object literal may only specify known properties, and 'idpHint' does not exist in type 'LoginOptions'. So, I tried adding the idpHint param on the initial block: keycloak = new Keycloak({ url: "mykeycloak.com/auth/", realm: "myrealm", clientId: "myclient", checkLoginIframe: false, idpHint: 'myIdP' }); That didn't cause any errors, but it didn't seem to have any effect (I still landed on the login page). Any ideas? On Wed, Nov 29, 2017 at 3:32 PM, Stian Thorgersen <sthorger(a)redhat.com&gt; wrote: > The kc_idp_hint param isn't set on your app, but rather it's a query > param that needs to be included when the app is doing the login. What > adapter are you using? > > On 29 November 2017 at 18:46, Jeremy Michael < > jeremy.michael7373(a)gmail.com&gt; wrote: > >> Hello all, >> >> I’m trying to do something that looks like it should be very easy, but is >> not working for me. Hopefully someone can help me figure out what I’m >> doing >> wrong. >> >> We have an application secured by Keycloak and have two Identity >> Providers >> set up. Clicking the buttons on the standard Keycloak login screen works >> fine for both Identity Providers. We can also set up either provider as a >> default (in the browser Authentication flow) to bypass the login screen, >> and that works fine. However, in some cases, we want to bypass the login >> screen and use Identity Provider 1, and in others we want to bypass the >> login screen and use Identity Provider 2. >> >> It looks like we should be able to achieve what we want by using the >> kc_idp_hint parameter. But, when I try to test it out, the >> kc_idp_hint seems to be ignored. >> >> I tried the following, where the URL is the address of my app secured by >> Keycloak, and idp1alias is the alias of the Identity Provider I want to >> use: >> https://www.myapp.com?kc_idp_hint=idp1alias >> <https://www.myapp.com/?kc_idp_hint=idp1alias> >> >> However, instead of bypassing the login screen and automatically >> beginning >> the authentication process with Identity Provider 1, I am landing on the >> standard Keycloak login screen. >> >> As another test, I tried just going to the built in, >> “/auth/realms/<realm>/account” with the "kc_idp_hint" parameter added >> and I >> got the same behavior (i.e., I saw the Keycloak login screen): >> https://mykeycloakurl.com/auth/realms/myrealm/account?kc_idp >> _hint=idp1alias. >> >> I’m clearly missing something, or misunderstanding how this should work. >> Can someone help get me pointed in the right direction? >> >> Thanks! >> Jeremy >> _______________________________________________ >> keycloak-user mailing list >> keycloak-user(a)lists.jboss.org >> https://lists.jboss.org/mailman/listinfo/keycloak-user > > >