Any SAML application, e.g.
.
--Hynek
On Mon, Oct 2, 2017 at 1:09 PM, Alik Elzin <kilaka(a)gmail.com> wrote:
Do you know of a Keycloak example that supports idp-initiated sso?
On Mon, Oct 2, 2017 at 1:54 PM, Hynek Mlnarik <hmlnarik(a)redhat.com> wrote:
>
> You cannot use saml-broker-authentication demo application for this
> purpose since it is an OIDC application, and IDP-initiated SSO is not
> supported in OIDC. The saml-broker-authentication example shows how to
> broker a SAML IdP - SAML is used for communication between the
> brokering IdP and brokered IdP. If you want to use IDP-initiated SSO,
> you need a SAML client. In that client's configuration, you would get
> the IDP Initiated SSO URL Name field to fill in.
>
> On Mon, Oct 2, 2017 at 12:33 PM, Alik Elzin <kilaka(a)gmail.com> wrote:
> > Than you Hynek,
> > I still don't understand how to build the URL.
> > Can you give an example of a full filled URL?
> > Do you have a specific URL for the saml-broker-authentication example?
> > Thanks.
> >
> >
> > On Mon, Oct 2, 2017 at 9:31 AM, Hynek Mlnarik <hmlnarik(a)redhat.com>
> > wrote:
> >>
> >> See
> >>
> >>
http://www.keycloak.org/docs/latest/server_admin/topics/clients/saml/idp-...:
> >>
> >> In the Settings tab for your client, you need to specify the IDP
> >> Initiated SSO URL Name. This is a simple string with no whitespace in
> >> it. After this you can reference your client at the following URL:
> >> root/auth/realms/{realm}/protocol/saml/clients/{url-name}
> >>
> >> --Hynek
> >>
> >>
> >> On Mon, Oct 2, 2017 at 7:01 AM, Alik Elzin <kilaka(a)gmail.com> wrote:
> >> > Hi.
> >> >
> >> > I managed to run the saml-broker-authentication example
> >> >
> >> >
> >> >
<
https://github.com/keycloak/keycloak/tree/3.2.1.Final/examples/broker/sam...
> >> > .
> >> >
> >> > SP initiated SSO works OK.
> >> >
> >> > What should the IDP initiated SSO URL be?
> >> >
> >> > * I also posted the question in SO:
> >> >
> >> >
> >> >
https://stackoverflow.com/questions/46423301/what-should-the-endpoint-be-...
> >> >
> >> > Thanks.
> >> > _______________________________________________
> >> > keycloak-user mailing list
> >> > keycloak-user(a)lists.jboss.org
> >> >
https://lists.jboss.org/mailman/listinfo/keycloak-user
> >>
> >>
> >>
> >> --
> >>
> >> --Hynek
> >>
> >>
> >> --
> >>
> >> --Hynek
> >> _______________________________________________
> >> keycloak-user mailing list
> >> keycloak-user(a)lists.jboss.org
> >>
https://lists.jboss.org/mailman/listinfo/keycloak-user
> >
> >
>
>
>
> --
>
> --Hynek