[keycloak-dev] Passing login_hint up to IdP when using kc_idp_hint
Peter Chamberlin
peter.chamberlin at digital.cabinet-office.gov.uk
Wed Dec 7 13:06:08 EST 2016
Hi Keycloak team,
I'm working on a system which uses Keycloak as a broker to both OIDC and
SAML2.0 IdPs. We are using `kc_idp_hint` for every request and Keycloak is
never exposed to the user. The system uses OIDC to connect to Keycloak.
We would like to pass a `login_hint` or `subject` upstream to IdPs
(depending if it's OIDC or SAML) as we expect to know the user's IdP user
name, but this does not work out of the box. I can't see anything in the
documentation that would enable it.
Is it possible? If so how?
Many thanks for any help or pointers you can give.
Peter Chamberlin
More information about the keycloak-dev
mailing list