1:34 p.m.
Hi,
we are currently using Keycloak as a broker to do the SAML
authentication to an external service for us. Keycloak is configured to
authenticate the user with an external IdP (our application) that is set
with the "Authenticate by default" flag to ON.
Is it possible to still force the display of the Keycloak login page, but
only for some scenarios? We would like to have system integration users
that don't exist in our application (not exposed to our customers), but
would still be usable to access the external service (with proper roles).
Thanks,
Gabriel
--
Gabriel Lavoie
glavoie(a)gmail.com
7:39 a.m.
Not at the moment, but it will be possible in 2.2.0.CR1 which will allow
you to set an empty value for kc_idp_hint which will override the default
identity provider.
On 29 August 2016 at 20:34, Gabriel Lavoie <glavoie(a)gmail.com> wrote:
Hi,
we are currently using Keycloak as a broker to do the SAML
authentication to an external service for us. Keycloak is configured to
authenticate the user with an external IdP (our application) that is set
with the "Authenticate by default" flag to ON.
Is it possible to still force the display of the Keycloak login page, but
only for some scenarios? We would like to have system integration users
that don't exist in our application (not exposed to our customers), but
would still be usable to access the external service (with proper roles).
Thanks,
Gabriel
--
Gabriel Lavoie
glavoie(a)gmail.com
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
3045
days inactive
3054
days old
1 comments
2 participants
participants (2)
-
Gabriel Lavoie -
Stian Thorgersen