Hi folks, I did not know that keycloak could be installed as a broker to a SAML IdP. @Pedro Igor Silva - Many thanks for your help. I have one more question about that. Please, if anyone more can help me, let me know. What you think? Would it be possible to have keycloak as a broker to a set of applications providing and consuming REST services, but keep the SAML IdP directly accessible to legacy applications providing and consuming SOAP services? Kind regards, Mauricio. ________________________________ De: Pedro Igor Silva <psilva(a)redhat.com&gt; Enviado: segunda-feira, 11 de fevereiro de 2019 14:57 Para: Maurício Giacomini Penteado Cc: keycloak-user(a)lists.jboss.org Assunto: Re: [keycloak-user] OAuth2 with SAML2.0 Authentication Hi, You should be able to use OpenID protocol to your applications if Keycloak is configured as a broker to your existing SAML IdP. See https://www.keycloak.org/docs/latest/server_admin/index.html#_identity_br...;. Regards. Pedro Igor On Mon, Feb 11, 2019 at 12:17 PM Maurício Giacomini Penteado <mauriciogiacomini@hotmail.com<mailto:mauriciogiacomini@hotmail.com>> wrote: Hi folks I am working with some legacy systems that rely on an identity server based on SAML tokens. Therefore, I do not have the excellent features provided by the OAuth2, OpenID, and UMA specifications on these systems. I am looking for some documents to help me activate Keycloak as an identity server that works with OAuth2, but using SAML tokens for authentication. It would help a lot if such configurations were possible. Please, if anyone knows documents to help me, let me know. Kind regards, Mauricio. _______________________________________________ keycloak-user mailing list keycloak-user@lists.jboss.org<mailto:keycloak-user@lists.jboss.org> https://lists.jboss.org/mailman/listinfo/keycloak-user<https://nam01.s...