Longer time ago, I did the integration of picketlink with Google Apps, which is documented here: https://docs.jboss.org/author/display/PLINK/Picketlink+as+IDP,+Google+Apps+as+SP . Some steps might be outdated, but hopefully most of them is still applicable and can be (maybe with some tweaks) applied for Keycloak as well. Especially the part for configuring on Google side. I did not tried in practice with Keycloak yet, but I think that you may want to:
- Use clientId like "google.com/a/yourdomain.com" for your client where yourdomain.com is your Google-Apps domain
- Select "Sign assertions" so google-apps will verify the signature on assertion with the realm key you uploaded

Other options might be kept default probably (not sure at 100% as I didn't try it myself yet)

Marek

On 25/11/15 10:42, Thomas Schweizer-Bolzonello wrote:
Hello,
Does someone have documentation on how to implement Keycloak with Google Apps ?
I tried to implement a SAML client in a Keycloak realm but I'm lost
with settings when creating one.

Tried to use the official documentation and to search on the web but
to no avail.

If someone could point me to what settings to use in the SAML client I
created, it would be great.
I already took the key generated for the realm and uploaded it to Google Apps.

Best regards,
Thomas
_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user