France Connect IDP is not ignoring extra parameters in the token request as the spec dictates; this has also proven to be a problem with other OIDC RPs Hans. On Mon, Apr 15, 2019 at 9:03 AM <keycloak-user-request(a)lists.jboss.org&gt; wrote: > > Hi Cedric, > > Please find attached my demo realm json file of KC 5.0. > (client secret is strarred). > > TO add the idp provider, I select add user provider and select "keycloak > openID provider". > After this, I do select all teh fields manually. > > > Regards, > > Olivier Rivat > > > > > Le 15/04/2019 ? 08:18, cedric(a)couralet.eu a ?crit?: > > Le Lundi, Avril 15, 2019 08:11 CEST, Olivier Rivat <orivat(a)janua.fr&gt; a > ?crit: > > > >> Hi Cedric, > >> > >> I am integrating? KC (SP)? to FranceConnect (IDP) dierctly out of the > box. > >> I haven't written any KC code module extension and FranceConnect is > >> configured as an IDP for KC. > >> > > Could you share your Idp configuration (minus the secrets) ? > > Did you choose "keycloak OpenId Connect" or "OpenId Connect v1.0". How > did you test from one version to another (export/import, manual conf, > upgrade?) > > > > C?dric, > > > > > >> FranceConnect Integration is working fine with KC 4.81, but it is > >> failing with KC 5.00. > >> Only diff I noticed is that internally there is this > >> client_session_state flag added with KC 5.0. > >> This is what makes the integration failing > >> > >> Regards, > >> > >> Olivier Rivat > >> > -- > > > <http://www.janua.fr/images/logo-big-sans.png>< > http://www.janua.fr/images/LogoSignature.gif> > > <http://www.janua.fr/images/6g_top.gif> > > Olivier Rivat > CTO > orivat(a)janua.fr <mailto:dchikhaoui@janua.fr> > Gsm: +33(0)682 801 609 > T?l: +33(0)489 829 238 > Fax: +33(0)955 260 370 > http://www.janua.fr <http://www.janua.fr/> > <http://www.janua.fr/images/6g_top.gif> > > >