7:25 a.m.
Hi,
I am using as external idp with keycloak. External idp sends SAML response
to keycloak but keycloak modifies that response before sending it to the
application, so i am unable to get some important attributes. How can we
stop keycloak from modifying the response or how can we customize the
response.
Thanks,
Pulkit
5:15 p.m.
Hello Pulkit,
This is how identity brokering works. Keycloak cannot simply reuse the incoming SAML
assertion, so it creates a new one for your target application. But there is a limited
control over the attribute passthrough via mappers. What are the exact attributes
you're talking about? Do you think they can be mapped to user properties/attributes?
(like first name / last name etc.)
Cheers,
Dmitry Telegin
CTO, Acutus s.r.o.
Keycloak Consulting and Training
Pod lipami street 339/52, 130 00 Prague 3, Czech Republic
+42 (022) 888-30-71
E-mail: info(a)acutus.pro
On Tue, 2019-01-29 at 18:55 +0530, Pulkit Srivastava wrote:
Hi,
I am using as external idp with keycloak. External idp sends SAML response
to keycloak but keycloak modifies that response before sending it to the
application, so i am unable to get some important attributes. How can we
stop keycloak from modifying the response or how can we customize the
response.
Thanks,
Pulkit
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
2165
days inactive
2171
days old
1 comments
2 participants
participants (2)
-
Dmitry Telegin -
Pulkit Srivastava