[keycloak-user] Questions about OpenID Connect Identity Provider

[Christie, Marcus Aaron]

Thomas,

Thanks! That looks exactly like what I’m looking for for #2.

On May 31, 2017, at 8:13 PM, Thomas Darimont <thomas.darimont at googlemail.com<mailto:thomas.darimont at googlemail.com>> wrote:

Hello Christie,

I think for 2) "Client Suggested Identity Provider" is what you are looking for
https://keycloak.gitbooks.io/documentation/server_admin/topics/identity-broker/suggested.html

Cheers,
Thomas

2017-05-31 21:19 GMT+02:00 Christie, Marcus Aaron <machrist at iu.edu<mailto:machrist at iu.edu>>:
Hello,

I have two questions about Identity Provider configuration in Keycloak.

1) I would like to add an Identity Provider and then have this be the only option available to the user for authentication.  Is there a way to disable the username/password authentication and not show it on the login screen?

2) Is there a way to redirect to Keycloak and have it immediately redirect to an Identity Provider?  As an example, let’s say I have two Identity Providers, Google and Facebook.  In my web application I know that the user wants to log in via Google so I want to redirect to Keycloak and tell Keycloak to select the Google Identity Provider and redirect to it immediately.  Maybe something like my web application redirects to keycloak like so:

https://mykeycloak.org/auth/realms/myrealm/protocol/openid-connect/auth?response_type=code&client_id=...&redirect_uri=...&scope=openid&selected_identity_provider=google

and then mykeycloak.org<http://mykeycloak.org/><http://mykeycloak.org<http://mykeycloak.org/>> immediately redirects to Google.  For the user they don’t see the Keycloak page.

Is there any functionality like the in Keycloak?


Thanks,

Marcus

_______________________________________________
keycloak-user mailing list
keycloak-user at lists.jboss.org<mailto:keycloak-user at lists.jboss.org>
https://lists.jboss.org/mailman/listinfo/keycloak-user