[keycloak-user] first login flow with SAML external IdP
Manuel Waltschek
manuel.waltschek at prisma-solutions.at
Tue Dec 11 11:27:04 EST 2018
Hello there,
I have the use case that I want SP initiated SAML SSO against an external IdP. After succesful login on the external IdP I get redirected to my brokering IdP which wants to do some Authentication flow stuff, but I would like to skip authentication against keycloak and just redirect to my application after the assertion was successfully verified. After some research I found that this might not be implemented yet:
http://lists.jboss.org/pipermail/keycloak-user/2017-February/009605.html
https://issues.jboss.org/browse/KEYCLOAK-4240
So alternatively I thought of just importing a new user by following the steps of :
https://www.keycloak.org/docs/latest/server_admin/index.html#automatically-link-existing-first-login-flow
But what happens is, that I see two requests on http://localhost:8180/auth/realms/prisma-keycloak-saml-idp/login-actions/first-broker-login first one as GET with code 302 and after that the browser sends a POST to http://localhost:8180/auth/realms/prisma-keycloak-saml-idp/broker/after-first-broker-login?session_code=aCXwyrUGaBqNNyrfpi5LsYkKFe2L-_fUIaFBTeg_FsI&client_id=http%3A%2F%2Flocalhost%3A8080%2Fvde-tirol&tab_id=xH0H-u3taN0
As POST-param it got the following EncryptedAssertion from my idp-broker:
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="ID_38969c7e-58a0-4bd8-9699-2e4ee913f0fc" InResponseTo="ID_cdd51254-befe-4c11-a290-e8dc8fa3a769" IssueInstant="2018-12-11T15:44:49.960Z" Version="2.0"><saml:Issuer>http://localhost:8180/auth/realms/prisma-keycloak-saml-idp</saml:Issuer><dsig:Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:SignedInfo><dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><dsig:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/><dsig:Reference URI="#ID_38969c7e-58a0-4bd8-9699-2e4ee913f0fc"><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/><dsig:DigestValue>JvFxhVjCdc85MCr2WZJN285h4zKGevcFN/8oSgGBk/k=</dsig:DigestValue></dsig:Reference></dsig:SignedInfo><dsig:SignatureValue>ahd0C3jr3gSCaHR2UDqNbzr5lVPL+2Dd2IggVhUZSuTRq9BEQXxOwe3jLK/7CldG39rSPkpxkyTMvGRMhJT5fe0sWf9U3PcsbT0h1vGUqphIaFb8Y0TizYpkeTrN2jk+d6+h3WrVYiOXg8PNyww0Vf7ParqIdKMkrAsQ4NVAlW9FWHgleN3N7EpZtrFiwPo7YyEc+8i95TtNA063+9rfS7J35HmOem+UjZXPKWSsWSc/JqqKo9KTLydGEVn6Nt4/lTophMB9YOP0kV0h/IkHwO0/fCCvn8SAObIDHo9sTQt6uQOOp9RnYIxT0Q0FW8L9MSl7uAhgb1jK06njKrfelA==</dsig:SignatureValue><dsig:KeyInfo><dsig:X509Data><dsig:X509Certificate>MIICvzCCAacCBgFnUHFoLDANBgkqhkiG9w0BAQsFADAjMSEwHwYDVQQDDBhwcmlzbWEta2V5Y2xvYWstc2FtbC1pZHAwHhcNMTgxMTI2MTQzMjQ4WhcNMjgxMTI2MTQzNDI4WjAjMSEwHwYDVQQDDBhwcmlzbWEta2V5Y2xvYWstc2FtbC1pZHAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC069gg6qpIEn61cp+kfqDnsTb93529dNPwmbs4ukxhOIFW7Ic6SsabDvvlokaC/fNOHcfLV8KSyTYcd4E8ESw65dGaGtBUwr2Egmq8U/KVOLxcjQStze6TZU3TAnaoU7ZhYXzCipnLEHMDzLSVUYUNVzX2cfNHwipGJvw8ribB51vKByn/LhyrhDfHGwmlP6Fkth3T0cKlN27x4s5zfBje1lp0uQagatUPcmwm51K3vSNHu1rz6CGOJviHVXu9T1T6adxw83Az6FK6Z+hNA/uzCYUafcY2xYK6z7nJiXVwbCg+ZYqRuWa/hjMZ3ViWb9J3iPGmjGfYQsYK5W/kyqiXAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAAwfSPO+MY8JTaI5qRF11O3iiMh99wTy+V9NdYp1No2HRxfAZiZeGTgWusYgrO2bQ37BGVs6Iw/7XU/eSzOfeYVmWgm1XFvimVq9Z8FVKfH93CRnhbmgnPV2wKPIlmKjzV5KinjZfbuX/6hO3jCRaYk4B4RgNnnNX5yJEbhxQdtRsTpYyPbxrLcCRx37T/U+g+JuoW03H23rFssS4OcEgoMPSBfKDE/DJDypOyl75YB8C0t5zOidFN0LNbw428X2LG04ZcD9rvyND9u5SEVzAjWp2EM7QD6klhXPDIyGSEMjKSNC+IFMpAmZLsHAVih8o8NqsNMxmsuEXVVONI1M0EY=</dsig:X509Certificate></dsig:X509Data><dsig:KeyValue><dsig:RSAKeyValue><dsig:Modulus>tOvYIOqqSBJ+tXKfpH6g57E2/d+dvXTT8Jm7OLpMYTiBVuyHOkrGmw775aJGgv3zTh3Hy1fCksk2HHeBPBEsOuXRmhrQVMK9hIJqvFPylTi8XI0Erc3uk2VN0wJ2qFO2YWF8woqZyxBzA8y0lVGFDVc19nHzR8IqRib8PK4mwedbygcp/y4cq4Q3xxsJpT+hZLYd09HCpTdu8eLOc3wY3tZadLkGoGrVD3JsJudSt70jR7ta8+ghjib4h1V7vU9U+mnccPNwM+hSumfoTQP7swmFGn3GNsWCus+5yYl1cGwoPmWKkblmv4YzGd1Ylm/Sd4jxpoxn2ELGCuVv5Mqolw==</dsig:Modulus><dsig:Exponent>AQAB</dsig:Exponent></dsig:RSAKeyValue></dsig:KeyValue></dsig:KeyInfo></dsig:Signature><samlp:Status><samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/></samlp:Status><saml:EncryptedAssertion><xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/><xenc:CipherData><xenc:CipherValue>WBkcmRAsyrpLfkrhnDWX1OwEW80bK5ICUjsHIVfyCsk9PSnSvDdhJyh7ZMgOv6/mAOL3jSEKDoJn2evbLkJR7g3UXzZ5RdS84vj+IgkynoxQtWpfWsIeziwkBUPSpxlviVUEI+/d/LouLlCBbhHF7JLkX4284NVN/TPOS7y6FwgA2lLmWGYefvce0W3DxN+g1NZDKlIo1GZlMrU4TwwkSP9zyedS+wdG1k3GssWa7g2PqRLWQcW59V6shI5FDltvFZDSINQurAQkQPQeLm+ibrRT78Nmp1X9x19G3DQ1PlsO6O/m05n/Uj8qX3EhJA8RP1TXQ/yQrNKzwbc2IGi7zQ==</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></ds:KeyInfo><xenc:CipherData><xenc:CipherValue>JpORpoEaJ108oXp2yDZIGATg4ZoMaX92b0ICB8XavN+f/6f8G/3gHJiO9lmd22vnDW9oK4S1Rm+pKVWuGs69CRKdaCikRECns/NkSyItulQDOEzll3md4X0x+C1nIrlybHPCQnew+m9Hmm/4d6m95NBKPl+fBjWUtpMD6i4BeKg2rrGcucX+wVKUbfPwkD6xX9SRpJT9aO9J03gFA4793vOmMFVlgKlG52r2nrscZPVrgMLUONAhhtlAk19W6bBX8bcWDXii8TF/Le2sR9J434jwjiLMt2sCBI3tmBYxalD38crUPr0P9lXfVXUILFHmiPIqoHsMIDxg191gwebpsxDUX2SCsLUcw5ONIf0nLc13jYC40Imkyq1cjaD4vC+d5yu2hNULs7c71rlDON8pnnoNfz3d7HQiZgL1pTRoYkvkw3EI+0Q0+hfn/0AsCkbo901qInmHPFooV7Y4Rs5cQI0qlx/DdiTSyQsEWSIzZVxlJgtcQqHv2D8bRxQzHdz0T5YhN/nBQSpVkkHw0KqG49IIydppJc5jd3tNz4aiOX1MxqLeXLyphg++XVIN3XFlTqHc8iS7mccJAbf2Oq7aJqKvf7K4L2l2cwHC8fpWAKxJvatbvwzK65f3Fy0RhjTJQHAt3cLksgxo/yKzsaxlDRcVqHI8OtZ0KVzcrzbPuf8NIvHHNLIMtmj571PiQtbTAQj3AgBPXqALBygnJ+ywFrUcpRISvQQxJqPVTFfhsdFohCqMwCTYaeIUTzxRPSyp4GZnI3iugI+FCGVa6cH4tsQVcqVpqoytIEDELjeheS17jIXT1nxcpxC6FavUoDf7b5qxHZV3pnerAlWPm72Yz670h8mhng2rLG0BVLzjoDFneapYsTBz8RXXm877mi29GJjh+93fDuN/v/wHXdZWYfyjPuSmQkymBMt0UPxaQTb3Q+DbM3DgEi8WrsuXdykugXyT2fR/CWJMViP05N68poqps1VEWAdQTUoacNnq1X6nAjLF95rqI1xk6nTXMoF5DK09HPl2fAMMJ1viE0EcDFmnaewZSLyNZwnC8zmeLxRkGOKvGk3vvdKAfpvvHMacsf7fwXRVg0YGAkSeWSzT1F30S1/qNv85Ys7d76iPfLg2UELkG9t/AcA5V3woWPZVBB7Gm8hl8V9urgVOMtGS+qxU5GUMYR5MTO8XXu1KphXYPLj5ylGVCNo38iIO3FsjizZGqbsiqG4M8uwX+3r7+2BNZhC0ZxHZ9yqTgiQxfr51BKpmNKBbPnDZ1vswfYS8SaBp+P0RDBvolJeIbVbItZkvrZMaYv/oouq1NiCpRnYgIvudt618gE/Hod+52u5mtj31/wYWCzYLIS3osazP+Vy5C8Bv0c2I+MQjLlyB8ZqgyvRBFE5myJIXZ4+TjrGGjhPUsLIu1Ehfw8d7mgJbOrNnGGmq/0kKPVVrcnIUvE1aF11w7l6VuulKdqFPDm0F1ESenkelTPFePDvH9Ne15WS4rfsB13wzx8bmi0CNVi7V/kd1zfq/4bmB/HjicNw2rCt4hT0EscHKk9vF1SvYvHhGWQq9w3fKWb/lh6sqWyFNcIt4SNTtHa297EMkLobMlBbh6tXnDOH0EC7HyvknmLKjXXN223XIxuVEwoOossqX+Yq4kLPZwT/MvIZrb222CrD2oVyHQwYm2BQHB8/7N75YwQonmEj2Mm1m8HVIo0LQX7Q5QJ176SbxZwdLOGEiAZtHxtjploAIfmnWP2s5OdDY5AOjkgCZ+k+0J04L7zrf9YIRl82F4qhBLv/XSfncdFkqAHph8ijK38w0zEYAc2c6GZ5p+I700ONkbg9tbTAdXgXqAXv6g9fWnjSjwXpmb/hnYV0k/dCufcr1QEkHDL7NCH8fwiOigzCy1ExDUnhVcFwSFL9BptrrBpCWHkJlGA/4hWm7QadvXPAEKuToGM0P21FXNlWoEDuauKWQxKlZIX2meVyTavSHHTniWRwp5QzzLT3xHlfU0WsKNGvqWo6XtBXxJnjEHQWY15g0ZSa6Os9RKkL050HWkRcVxH9is91Uf9Tsge9g5X34ODwETbzxvqvSzpejg4CrNOK6JgPIG3mKHxeb3ASDgSuQLKrCKGSb+li0QwyJUfwmUFruTa2IgRd4AbKZc7gLyBE3mce+cMDHlIW5dgD+vIgeYDsdRdbbWjBr/HYjwZB/GBwAlRQwTj3QGZY6AvhnUBRySzn6PEqNLV3jSJenzA1YicYfHdmG3uHxILJsGlJxuhNqSroy4nLHQ3Nv5AeD9jz6xdSZLyuWMB2e/Oc+4+9KRzjGb9Q7lYjxLN+Q52Ydbh4ZdOAWaBf05vNlvMvX6PKRGe11kYryvIE0vL6V2tWZ5tBH1oO0qTiu5srBBKkB3piVj86HyhuHBUXb4dlgEaf/hSbSd+P7ee51MG+n+laYCbBpVh9pWWk4AnwnqhOWrrCte4IOIgQfAJYoi59I6Ewt22WKp6xS86Nz9o/f4TOdLuKaUsc+k2StBkbvbbMfncxsxfAyEsA3vq51PwCWH8bGIKnySI4KRfcpULiYhsm7i9KDNfwxjHjswDRh3kDgB23dGl8s95mT7oI34W1hELqjVs+DU20b1Ojcq7YDdhqU7F0D888GZzf6ZKNkT1DJv+hHxpDtBswa9NT6ufTIcHG5kxbxcSTg1erOzbiurXKxEIykrkO4ZFiM1Mjhuvzm89CinkpPgzI1zy3chwHFANif5TZpVKlEqIeY6qMUW5ry9f0K+ln0EM1VH5CfyFLznIEyNYe0cxAtWFwXMX71m9IZndDzIpucd0RcgJyakf7ws1uzDSsrbwIy9uj3J13VVPc/2ThSIrreHloFX5/QfyIZSFFRTCREcjfJTJHcq4GFJ9lmxyG1avV61Zt3/O155vWct0fB355i3omytfxq/s9jvCY1sqs7buil9SZBbh3Ro9egGeE1QmWzXq41SAV6i3+cyYpnbExFOWAJ/lamVs/OmdQZve3p8hYLnG+fiTHm4ZSZNr5uaaR5aVPgEGCQCm2R8HTwBH/45GufBj82o3OCdNNiXFrRSpmPzlA9E3oxQV3rYaUICCY+M3uzmoFsS//beTMVnQ5HOJL9Ko5PUj4heoyFwmjMM9xGUQFgf+84fJUoBVDJevrdx/OLmyh+xxMoqqpq3FrTEWCSif2R/RDeFE3dobR2RQYXparI/01u+hU/Aeg9runenc74rF6BsysI9WjvWlK+AsRl/l1RJFx+UvMraXAYmHHtfGu8qRVxCkiQ65TaSCRCaT9iZupDM4I8t2hGud7FbEfOxPjcn2Ln4sOdVfKaTaZNh/CzDPs163YBy2wr79JbrEP98t3QWVG5qxOjRWx0FPCf9yuymOSByM0Ywm+wL6h21xPg0PgVF7huX9iL2MWzOtQd0/Ii9VbhjKvIsIEAnkzrDlTPNIqhWQ/xgnDd9lLmtbmlzHe8JI2KHPoFVzN2b3Zorqwp4Xi7tQrSp773hUVLBAAfgu2KmLRU09eIzSyxl5L4osSo1kyAEzgbCkZo/DG6pd9pJzjiPz3pjEzp01EDPVHuNoVgOKDV1bJUqmzPqbeGqPI8WODAeC/4pA6dRzK3lgjGWx5Hvv3VbvaUAddYm0SdVVkuY8QJxJkzL49tUqeIaiHa+httN/Ez59LKQCLSE94QDWAyuenf2lSZ8WcckMa1jAx59n3F/OfCYVr9YxxoEnsDx/xBSKf3AKqjPwbuenYka5dl2RZ/OBsPkvcDJeWJm6T8MGxkzo2mAm4RWDs5zGpMyda14m5nS/TOetzzyTnMZlKlamJnH0OLbZeKW9DogWsg8FGQPwYtqSljKVhNnHfdDsuum99DBM4w/7l/FFSfTX3wmW4EpnrLrbMHP8nfc5j2Q6xiUFw/k3Vg6up/LTZ+GoB9l9v4Ir8eJDeCelEtxnkyE0Tt77wwMNQm0qn4/hVxgFCBaeoRhizMN0RtSHv6vSMh8VJ7U+OZZs7suRZ7siAhqfIzpV0f8GdIcnuMSx2jt5nceGmfT5jTp1/W6NYGikHmH2/tq/DSPxmZsr1L3uY6h6KOp+90D9MMUZhFKOrrshR9+sXdVdFvAVawSxVBaIxstI4YtE8VjL8xdo6qNyReZozX2AeQ5i/K7118i0PSvT5ebezFsn25Ta0oIlu39YJ1K35/dYgVOlJdKmp0QQQ33ye3XcJbQFrRMHHHJVQxpqhF6UoRDyrK2SmNH+gN77VNtE5K2my1HEz3IaHgbwBv0gviyK0p+0/7oh46mh/KCLrsPPAjnlH7j7q/oHJEiDcNDuiwaZM9u6e+fB+DTM/IbnEkZU7LlqL01iKDucENhMdNRqH5WUSrJXgHuYFiIa9lYXqEBAIK0US84pyJIe/6J5zmRWKxLMbl5M2zA1R+Gb3tr2s/jHQgGxRgTwOsFcld4MEOaCn3ISqDnR41pID4LeQWlcWswwWMJZ9GSWUQn3h/zKGU+uUEsJOjtJKOo3dTwZvwNrDFTbMh8MsvGuIVpHloHnfhZrg2zhpbtD0hOGZQTpHVLcTrfcoRjhuuowAQyTvRNs0OqtxvBy3fcES7DFABuztcRfxHquv65n1AE3iysC5KMQFkp1b8SXLOIf85S0hzQrZNBBCB1GpxHvkvcU1MklT6WvyUuz9b6PyzqwOVF8QdTfdZibSgsxdynDkwfGBVDzZ2c7BtmKw5Ead7G1Ud20R0Yg13tcjgbR99uFFhLa/OaCJkV+L2ezMgVPrH4NtV14ASk8wTzGgJALHcuKU+Np57jBRdbVaHoHMVJJKNdsgL+mSNcWrl2bexPCuo4HOx8+UmVwJC4ANmdwyc/mb8iRtA2ah30GfNrfYst6R/w9LJ2CRubF8on0U8gdY7UTDL4VG/Cs/ylga8NBLhr8dZCmAclL9OvaYzQhlUUUHbAQXycD78wKP2fpvKlIsmE/2WR4TNd7wpaRYGZ+6rrs76BNZIGFFJa+YZrArjh9z/bDA+h8zYu0LeqGVrsE89Nwr79hyeASHsDhwbB9vwFAku3A53erX+qGy5P+qCQC5b5rGTUjoTewITCpbGrtnpbRE4GwLpxBfVfOJ8oplSCqamEBlc8BTzbe82jv2jzO+oBzHfTXTX7c7elsFxi0gxPZn8pZjNkNflzx023HnPWZNxD5zv3E283IzwLlKXwmZVmiG1IM8mk++GgOTVnAgLeo0l3Jd9ecBM+QQVI4KcfSfW7GoTb9lHPY7dK1K5W1yOOkZ+QJzSl9oyG3WvlTCZoStVBn1TiLbh+cBSEB0L1+7vMFBD7WkWbpW5ZZr1Fo6kP30gveTCi2wnB0hi8WOH0gZ7iQXbA0BoIPKlJnK46AhJQQ5HnuX+0jQDQNY1xiDnGSOLVmpk4a4Whs/88YkeDOpbIpMYow6jlhMNhF/FipTy6hgSy9wT5Uh/9GcMAhXb1s32hXt+YJomY5wLbr7Eg7gCKUe4/pL5r61VmgddhVmXdRQdDpYLUBCussJl9lTUTCVBqnllEzydNfjskm4mebgg0j0pheIPeJlX8hUi6K04lco8y+p66bNIMVIxxWkNPkyZX1JwD7jY31nbRUV1VGpV4wBbWJ4HjdHnC+eu7+vdTTe3dPaKqs9HmEOwmvwvnsHqxAaCaoYUeEJmwRdNclhRthoDe+TJ4md9YJzrwpkes8p7CCD7IlQj9QOZEUUX83Xeu1r2a0aligKZwYrSu9SPHNDS4ffkOmiARJMJxmLbF1W1GkossrAVJv25EyxPw5/eEjUBoH1c3MrAFC/kgQ86/uO47nZjghvgp9S66k1L5/3ukWPkdn1p31wLDX+jYE7PBjVl5tK+rRxdkOpHKjfxFRYZbkpCXiHnRrGkdEKc83toQzh4wuWPHvrVcPDcXLfWHAJMyOCJuuADEQvcOW0RZl+IfbNWJsxt9QWEWp0B0fR5560sfVWcbHtwzQemkpLs4v1VG5xFLphbh05t7MDOdwuy5pz3NtmazBhVrwfJG32OYERF92jPvEI3ofKZMX1hIrL762gzeVHOuWteREE+svMSys7x4UdAI7SEKM3FFAaf84e0eoZVD20ZuUbewLT0eR0xmDNEFkPOnLgi27zF0B+zz9ycx4JS0rvJHsq/al+2GAZc+EEtPDi50RREg5CubRJhGEIQvJH2JPIrWVQ3D1QLyLEULziByD30A0TYumWrmPhVcRkkUjQNrgo9z77Cv+SIJwableLcMOf1JQ0qe9W5alER8pCZ7OAilc1X2nX5TNniSAh0p4wrxzDB0I1nV/Sz1lqcT5H89CPBOO0+5N+X5FYKTIjm1e1K9KsfFRWIFlObjhYeWOZT7zS2XDhC1tr7LMfD8xed8CbYBcoGKt8APJUSn9Jx6Pb7u4Stm0Xk+jBKZqycKmMSC121Zyq4xf6qS8QJQWfmNcg0U9fgXtT+4KZN2nmLsM504eYFqpbttM+yogJVSOMs3CanT6SczKa7pPIXPD94QydXwgaPJs3zXuEp5oGQdRm4MRq/xcwh1WcUtSkDwbT1mvEejjhT+T6FEmyG4Qww3EMS3uyWL4un9a1Mq9kqtOWtSa7VIQLeaiz+K8Y53g5K/yyaQf+NEESHN8l1Mucz1xuvI8Hcxu4dDO8Z2HjdFFqU7QMNsdMDDB/ylWXA2zXKqCGs5chXpN7mIC0+KbsO5lgf0WOJtzV630eBpMCI0yvIPecELHOB2YGIYcJSe+CG/7SEZeAZw9+URk5V70Xl6B7n55GQdqS6s6V0MeDt6QeTfcj3Byynn7nJS13Scionf9bYsaS+i95PpjjwSWW7altQAUUMwOHWOMgSlgQLm3eOk3eVNBsIsd9rprWr9mVzhdw+K5ukrRKTOE5DSOZttGMrC6Zrt3l7biLytlQK7od97SA2MwBnv9AAvSFInu5FBdHZUWdlHe90gzgh9Yakir61cE2nNxuhwqMRMgqo0McD1ntdGWjPHke7QVUCZJJWdm3pbv+b/0+neVd7gGKGiUlcWRVQLbT8ZtubhyaR6+re6dzFgl4dENibwqqkAVUh24UWPhltKvEZJPoYUxGU3C2okdy1OXksqqWgT0V2it3QW5CbV5Xj5qn2owEDmYl2GMc8cZcGY7iYFcyhPKIpW0z0t10W88Lccw3VMwPF9bDdLARMAEeJ7yTQZwabLqzkNW3O/ny92efAEKW6qj+HcAhFZcPDW1AdjWiLnKZiWCTF0qaSjP3iYFWkJKXQ1l618fxP02eekof8TTll1eUT0YV8eWLAXptfarUCIKSEQjWhHRJwKHeeaLcTjXannZ3a4EqX7okWvvtrlTO8LxKv00XXBkzRnsnG3j1H8NTTY708VYZ4n1R7PAQrQVYh3dViijnhkIJOlm5acUi6c3ebdf3t4mKCNI826DZ4PnyWLCDpUrDUXZNnPmEcFbahajm4NrnKFRQeHTZeERJg9j7cZcj+4XTSdrKBWmK8B5DHo1Rlew==</xenc:CipherValue></xenc:CipherData></xenc:EncryptedData></saml:EncryptedAssertion></samlp:Response>
As a response I get 405 Method not allowed and get redirected to a keycloak page saying "internal server error"
Why is this happening? Are there any good alternatives to this flow for my use case?
Thank you,
Manuel
More information about the keycloak-user
mailing list