[keycloak-user] Fw: SSO saml and jwt client
John Dennis
jdennis at redhat.com
Mon Dec 17 08:32:05 EST 2018
On 12/16/18 10:12 PM, Dmitry Telegin wrote:
> Hello Mahendra,
>
> This should work out of the box - after all, that's what SSO is about. Are you sure that both OIDC and SAML clients are in the same Keycloak realm?
And make sure you don't have ForceAuthn set to true in the request. As a
reminder this is the definition of ForceAuthn: "A Boolean value. If
"true", the identity provider MUST authenticate the presenter directly
rather than rely on a previous security context."
> Pod lipami street 339/52, 130 00 Prague 3, Czech Republic
> +42 (022) 888-30-71
> E-mail: info at acutus.pro
>
>
> On Fri, 2018-12-14 at 16:04 +0000, Satrasala, Mahendra wrote:
>> I can SSO across different JWT clients but if I try to access a SAML client, I am redirected to the login page even if I have an active session for the user in keycloak after an OIDC authentication.
>>
>>
>> Is it possible to automatically authenticate the user for the SAML client? Simply put, I am trying to get a SAML assertion on behalf of the user after OIDC authentication.
>>
>>
>> Thanks in advance!!
>>
>>
>>
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-user
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
--
John Dennis
More information about the keycloak-user
mailing list