[keycloak-user] IDP SAMLV2.0 with Salesforce

Marek Posolda mposolda at redhat.com
Thu Apr 30 05:40:45 EDT 2015


Hi Raghu,

There is some documentation for admin endpoints here 
http://docs.jboss.org/keycloak/docs/1.2.0.Beta1/rest-api/overview-index.html 
. The endpoints specific to OpenID Connect or SAML protocol (like 
endpoint for refresh token, validate token etc) are not here though... 
We will possibly try to improve for the next release.

Marek

On 30.4.2015 11:14, Raghu Prabhala wrote:
> If you get any errors about the entityid, try the below
> http://localhost:8080/auth/realms/{your-realm}
>
> Marek/Dev team - Despite spending a good amount of time on KC, even I 
> find it difficult to make things work as the end points are not 
> documented. Is that something that can be done before you go for the 
> next release?
>
> Thanks,
> Raghu
> ------------------------------------------------------------------------
> *From:* Marek Posolda <mposolda at redhat.com>
> *To:* Henk Laracker <Henk.Laracker at planonsoftware.com>; 
> "keycloak-user at lists.jboss.org" <keycloak-user at lists.jboss.org>
> *Sent:* Thursday, April 30, 2015 4:49 AM
> *Subject:* Re: [keycloak-user] IDP SAMLV2.0 with Salesforce
>
> Not sure at 100%, but I think that for both values you can just use 
> URI when you want Salesforce to redirect after authentication. So 
> something like (replace stuff in braces with values for your environment):
> http://localhost:8080/auth/realms/{your-realm}/broker/{your-identity-provider-alias}/endpoint
>
> For some hints, you can see picketlink documentation for Salesforce 
> integration here 
> https://docs.jboss.org/author/display/PLINK/Picketlink+as+SP,+Salesforce+as+IDP 
> . I assume many steps are similar for Keycloak like for Picketlink.
>
> Marek
>
>
>
> On 30.4.2015 08:45, Henk Laracker wrote:
> Hi,
>
> I like to use Salesforce as Identity Provider, the metadata provided 
> by Salesforce can be imported.
> But I need to specify the Service Provider in Salesforce, I have to 
> fill in a couple of fields, but two of them I don’t understand (and 
> are mandatory). Does someone have any clue?
>
>  1. entity id, remark of Salesforce: get this value from your
>     service provider
>  2. ACS URL, remark of Salesforce: The assertion consumer service.
>     Get this value from your service provider.
>
> I have tried a lot of values but every time I click the SAML button on 
> my app, it redirects to Salesforce but I get a page with the error: 
> Error: Unable to resolve request into a Service Provider
>
> Henk
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org  <mailto:keycloak-user at lists.jboss.org>
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
