4:21 a.m.
We are trying to configure Keycloak to act as an identity broker for a SAML 2.0 IdP. Using
the “quickstarts/app-profile-jee-vanilla” project as a basis, we added the wildfly client
adapter and set up an Identity Provider of type SAML 2.0.
Our customer configure an entityID at the IdP.
Example:<https://saml.myapp.com/myservice>;. We set the Client ID to equal our
entityID and expected the Issuer element to contain this value. Keycloak redirects
correctly, however, in the AuthnRequest sent to the IdP, the Issuer element contains a URL
at the Keycloak server realm
(<https://saml.kombit.dk:8543/auth/realms/demo>https://saml.myapp.com/
<https://saml.myapp.com/myservice>auth/realms/demo) and Keycloak stripped part of
our Client ID (/myservice).
Is the Issuer value configurable and if so, where?
Thanks
Anders and Ulrik
5:58 a.m.
Sorry about the bad formatting. Another try:
We are trying to configure Keycloak to act as an identity broker for a SAML 2.0 IdP. Using
the “quickstarts/app-profile-jee-vanilla” project as a basis, we added the wildfly client
adapter and set up an Identity Provider of type SAML 2.0.
Our customer configure an entityID at the IdP. Example:
<https://saml.myapp.com/myservice>;. We set the Client ID to equal our entityID and
expected the Issuer element to contain this value. Keycloak redirects correctly, however,
in the AuthnRequest sent to the IdP, the Issuer element contains a URL at the Keycloak
server realm (<https://saml.myapp.com/auth/realms/demo>) and Keycloak stripped part
of our Client ID (/myservice).
Is the Issuer value configurable and if so, where?
Thanks
Anders and Ulrik
2840
days inactive
2840
days old
1 comments
1 participants
participants (1)
-
Ulrik Nejsum Madsen