[keycloak-user] SAML IdP Mapping
Bill Burke
bburke at redhat.com
Tue Oct 27 09:09:02 EDT 2015
On 10/27/2015 7:32 AM, Matthew Woolnough wrote:
> I have added a SAML IdP and can successfully authenticate.
>
> I have also added some mappings to map assertions in the SAML token to
> database fields.
> I can see that the SAML token is in the POST back to keycloak contains
> the assertions i am after, but nothing is appearing in Keycloak.
>
Which leg is missing the SAML assertion? You have to do 2 different
mappings:
#1 Map SAML assertion that you receive rom the external IDP into
keycloak user db.
#2 Map keycloak user db into the assertion created for the client
application. This 2nd part must be done for each client application in
the "Clients" tab.
Does that answer the question?
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
More information about the keycloak-user
mailing list