[keycloak-user] Bookmarking keycloak login pages

Hynek Mlnarik hmlnarik at redhat.com
Tue Aug 22 02:48:19 EDT 2017


You seem to want what is called IdP-initiated workflow that works for
SAML apps [1] but not for OIDC. See this thread [2] for further info.

[1] https://keycloak.gitbooks.io/documentation/server_admin/topics/clients/saml/idp-initiated-login.html
[2] http://lists.jboss.org/pipermail/keycloak-user/2017-February/009642.html

On Tue, Aug 22, 2017 at 4:47 AM, Matt Evans <mevans at aconex.com> wrote:
> We have people that have bookmarked the login page of keycloak so that they can return there and authenticate, rather than go to the client app page and be redirected.
>
> This doesn't work because the bookmark they have contains time sensitive information, e.g. the nonce and state etc. So they can authenticate correctly, but when redirected to the application it fails.
>
> Is there anything that can be done for this situation? I thought perhaps including the information as post body parameters and doing a post rather than redirecting with query string parameters, but this doesn't work, POST is not an accepted http method. Also I assume that returning there from a bookmark won't work either because that post body information will be missing...
>
> Matt



-- 

--Hynek
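
The failure described in the quoted question, shown from the client application's side. This is an added example, not part of the original thread and not Keycloak or adapter code: the class, the helper, the 300-second lifetime and the example.* URLs are constructed assumptions. Restarting the login on a stale state is one possible way for a client to handle it.

```python
import secrets
import time
from urllib.parse import urlencode, urlparse, parse_qs

STATE_TTL = 300  # assumed lifetime (seconds) of a pending login at the client


class RelyingParty:
    """Client side of the OIDC code flow: issues state/nonce, checks them once."""

    def __init__(self, auth_endpoint, client_id, redirect_uri, now=time.time):
        self.auth_endpoint = auth_endpoint
        self.client_id = client_id
        self.redirect_uri = redirect_uri
        self.now = now
        self.pending = {}  # state -> (nonce, expiry); per-user session in a real app

    def login_url(self):
        state, nonce = secrets.token_urlsafe(16), secrets.token_urlsafe(16)
        self.pending[state] = (nonce, self.now() + STATE_TTL)
        params = {"response_type": "code", "scope": "openid",
                  "client_id": self.client_id, "redirect_uri": self.redirect_uri,
                  "state": state, "nonce": nonce}
        return self.auth_endpoint + "?" + urlencode(params)

    def handle_callback(self, callback_url):
        query = parse_qs(urlparse(callback_url).query)
        state = query.get("state", [""])[0]
        entry = self.pending.pop(state, None)  # single use: a replay finds nothing
        if entry is None or entry[1] < self.now():
            # Stale or unknown state (the bookmarked-URL case): never accept it;
            # start a new login with fresh values instead of showing an error.
            return ("restart", self.login_url())
        return ("ok", entry[0])  # nonce to compare with the ID token's nonce claim


def idp_redirect(auth_url, code="constructed-code"):
    """Stand-in for the IdP: after login it echoes state back to redirect_uri."""
    q = parse_qs(urlparse(auth_url).query)
    return q["redirect_uri"][0] + "?" + urlencode({"code": code, "state": q["state"][0]})


if __name__ == "__main__":
    rp = RelyingParty("https://idp.example/auth", "app", "https://app.example/cb")
    bookmarked = rp.login_url()           # what the user saved in the browser
    print(rp.handle_callback(idp_redirect(bookmarked))[0])  # first use
    print(rp.handle_callback(idp_redirect(bookmarked))[0])  # bookmark reused
```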