Re: [keycloak-user] looking for samples and howto's

Hi, I have been playing with keycloak for the last two days, and while it looks beatiful and has all the features (plus many more!) we (think) we're looking for, we're having a hard time getting any client to work, with one exception: the builtin 'account' client. We - setup apache2 reverse proxy so keycloak runs on regular https port - configured Let's Encrypt SSL - added our realm & configured our samba AD, synced users/groups - configured HAProxy for AD DC failover - configured and tested kerberos authentication everything works great, but it's all within the keycloak system. (specifically: the builtin 'accounts' client) We've not had much luck at all making an external product authenticate using keycloak IdP / SAML. We thought an easy client would be perhaps simplesamlphp, or wordpress plugins ("miniOrange SSO using SAML 2.0" and "SAML 2.0 Single Sign-On") but there are no examples / step-by-step guides specific to keycloak that we can find. There is a lot of keycloak-related talk on jboss, war, wildfly, keycloak's client adapters, etc, but to us, these all seem to be more 'advanced usage', rather than using a 'regular' SAML capable client. Or we're beginning to think that perhaps we misunderstand what keycloak can do for us... Hence our request here: Does anyone have a list of simple steps ("provide this, check this, fill in this here, etc, etc") for some well-known external mainstream easily obtainable SAML clients? We would be very grateful :-) _______________________________________________ keycloak-user mailing list keycloak-user(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/keycloak-user