[keycloak-user] implicitly pick the IdP for brokering

[Sud Ramasamy]

As I understand it currently keycloak expects a kc_idp_hint URL attribute if we want to redirect to a brokering IdP from a set of configured IdPs in the realm. Is it possible to accomplish the same behavior without having the specify the kc_id_hint attribute.

We don’t want the user to have to specify the kc_idp_hint URL attribute when accessing our SaaS application. But we also don’t want to add any URL rewrites in front of the application or in front of Keycloak where the kc_idp_hint param gets set if we can avoid it. We could add a Servlet Filter in the application that sets the kc_idp_hint parameter before passing the request to the Keycloak Java Adapter filter that we use in the application. 

Outside of the custom filter option we were wondering if we were to do this entirely in Keycloak was that even possible and what would that look like.

Thanks
-sud