Hi Stephen,
Was just browsing past threads. You’ve probably solved it by now but hopefully this helps
others!
We are using a SATOSA proxy to integrate with eduGAIN, which acts as an Identity Provider
to our Keycloak instance:
https://github.com/IdentityPython/SATOSA
In addition we use PyFF to handle the metadata:
https://github.com/IdentityPython/pyFF
The benefit of using these tools is because they are maintained by the eduGAIN community
and natively support many of the quirks found in Identity Federations (both technically
and in terms of trust and policy).
Cheers,
Hannah
On 17 Jun 2019, at 14:48, BOOTH Stephen
<s.booth@epcc.ed.ac.uk<mailto:s.booth@epcc.ed.ac.uk>> wrote:
I'm wanting configure keycloak to use authenticate against a SAML
federation (externally curated set of IdPs) rather than a single SAML
IdP. Specifically I want to support EduGAIN.
Is this something that keycloak supports natively? The form for
configuring a SAML Identity provider appears to assume a single IdP.
If not, does anyone have any suggestions for the best approach to
bridging a shibboleth SP into something keycloak can use as an Identity
provider.
Stephen
--
======================================================================
|epcc| Dr Stephen P Booth Principal Architect |epcc|
|epcc| s.booth@epcc.ed.ac.uk<mailto:s.booth@epcc.ed.ac.uk> Phone 0131 650
5746 |epcc|
======================================================================
--
The University of Edinburgh is a charitable body, registered in
Scotland, with registration number SC005336.
_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org<mailto:keycloak-user@lists.jboss.org>
https://lists.jboss.org/mailman/listinfo/keycloak-user