[keycloak-dev] OIDC Identity Brokering with Client parameter forward
Stian Thorgersen
sthorger at redhat.com
Mon Apr 23 15:10:01 EDT 2018
Please see discussion on GitHub PR.
On 20 April 2018 at 03:10, 乗松隆志 / NORIMATSU,TAKASHI <
takashi.norimatsu.ws at hitachi.com> wrote:
> Hello.
>
> When using OIDC Identity Brokering, I've found that the keycloak's
> built-in OIDC Identity Brokering provider does not have the feature of
> forwarding some parameters originated from a client application to an
> external IdP.
>
> Such the feature might be beneficial when you host its own IdP and want to
> configure its UX based on forwarded client parameters and so on.
>
> Previously, I had realized this feature by implementing custom
> Authentication provider and User Storage provider.
> However, it had been too much complicated and I had the advice to use
> Identity Brokering.
> https://github.com/keycloak/keycloak/pull/4260
>
> Therefore, I've implemented this feature(Forwarding parameters) based on
> this OIDC Identity Brokering built-in provider.
> https://github.com/keycloak/keycloak/pull/5163
>
> Forwarded parameters are prefixed with "fwd_".
>
> It needs some documentation so that I'd like to do that if this proposal
> is accepted.
>
> Also, I've created corresponding JIRA ticket.
> https://issues.jboss.org/browse/KEYCLOAK-7201
>
> Hope this PR is reviewed and merged.
>
> Best Regards
> Takashi Norimatsu
> Hitachi, Ltd.
>
>
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>
More information about the keycloak-dev
mailing list