Hi John,
What about this workflow:
http://www.keycloak.org/docs/3.4/server_admin/#_identity_broker_overview ?
The browser will interact with both the broker and the IdP. Won't the
script have to do something similar?
Thanks,
Pieter
www.thehyve.nl
E pieter(a)thehyve.nl
T +31(0)30 700 9713
M +31(0)6 28 18 9540
Skype pieter.lukasse
We empower scientists by building on open source software
2017-12-01 18:01 GMT+01:00 John Dennis <jdennis(a)redhat.com>:
On 12/01/2017 05:43 AM, Pieter Lukasse wrote:
> Thanks for your reply John.
>
> One question regarding your workflow: with IdP do you mean Keycloak or
> the brokered IdP?
>
I'm not sure I understand the question because when you authenticate
against an IdP that is the only IdP you're aware of. If the IdP brokers
(delegates) to another IdP to satisfy your request that process is
invisible to you (with the possible exception that the response may indicate who
the ultimate authority was; I can't recall off the top of my head if the
protocol includes this information or not). But from a protocol point of
view you're only ever talking to one IdP.
--
John