[keycloak-user] Identity Provider Saml HTTP-Redirect binding

Henk Laracker Henk.Laracker at planonsoftware.com
Fri Sep 4 02:50:44 EDT 2015


Bill,


Keycloak is delegating the login to a external IDP. It is a hardcoded
string but If it could be a little bit more flexible that would be great.
If we could add custom key=value pairs to the url. Which are defined per
SAML definition.

Thanks,
Henk





On 01/09/15 22:44, "keycloak-user-bounces at lists.jboss.org on behalf of
Bill Burke" <keycloak-user-bounces at lists.jboss.org on behalf of
bburke at redhat.com> wrote:

>IdP=LoginFormIdentityProviderPlanOn
>
>You need to add this?  Is it a hardcoded string?  Is Keycloak the IDP?
>Or is Keycloak delegating login to an external IDP?
>
>We don't support this currently.  But it may be something I can quickly
>add for the next release.
>
>On 9/1/2015 1:20 PM, Henk Laracker wrote:
>> Hi,
>>
>> We use keycloak with a SAML Identity provider, we have to use
>> http-redirect binding.
>>
>> The customer expect a SAML request something like
>>
>> 
>>https://samlfeddev.cscdev.com/EasyConnect/SSO/redirect.aspx?IdP=LoginForm
>>IdentityProviderPlanOn&SAMLRequest=rVNNj9MwFPwrke%2BOk5ayjdUUlS2ISIWN2sKB
>>C3Ls110Lxw5%2BTt
>>
>> But keycloak generates a response like
>>
>> 
>>https://samlfeddev.cscdev.com/EasyConnect/SSO/redirect.aspx?SAMLRequest=r
>>VNNj9MwFPwrke%2BOk5ayjdUUlS2ISIWN2sKBC3Ls110Lxw5%2BTtj
>>
>> How do I achieve this in keycloak
>> Henk
>>
>>
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>
>
>-- 
>Bill Burke
>JBoss, a division of Red Hat
>http://bill.burkecentral.com
>_______________________________________________
>keycloak-user mailing list
>keycloak-user at lists.jboss.org
>https://lists.jboss.org/mailman/listinfo/keycloak-user




More information about the keycloak-user mailing list