[keycloak-user] Publicly available SAML Service Provider SSO Descriptor (SPSSODescriptor)

Bill Burke bburke at redhat.com
Wed Dec 2 09:50:15 EST 2015


Not available at this time:

https://issues.jboss.org/browse/KEYCLOAK-2189



On 12/2/2015 9:10 AM, Ton Swieb wrote:
> Hi,
>
> I am wondering if it is possible to access the SPSSODescriptor of an identity provider on a public available URL.
> Not to be confused with the IdPSSODescriptor (/auth/realms/{realm}/protocol/saml/descriptor) which is publicly available.
> I found the API call /auth/admin/realms/{realm}/identity-provider/instances/{identity-provider}/export , but this API call requires authentication.
> The IdP on the other end of the line needs to be able to retrieve this descriptor without authentication.
> I found a thread on the mailing list from earlier this year where the existence of this feature is discussed, but the current status is unclear to me.
>
> Regards,
>
> Ton

-- 
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com


More information about the keycloak-user mailing list