[keycloak-user] SAML setup

Hylton Peimer hylton.peimer at datos-health.com
Tue Jul 3 10:40:19 EDT 2018


I have an application connected to Keycloak using the Spring Boot adaptor.
There is a client with the OpenID Connect protocol, and the login page is
displayed in Keycloak and everything works.

Recently I've been trying to add SAML support, and make my application an
SP. I've done the following with two different IDPs, but neither works:

1) Create a new client for SAML and import the IDP metadata
2) SSO to the application with a POST binding

I get the following lines in the Keycloak docker container log:

14:33:42,922 WARN  [org.keycloak.protocol.saml.SamlService] (default task-2) Unknown saml response.
14:33:42,923 WARN  [org.keycloak.events] (default task-2) type=LOGOUT_ERROR, realmId=myrealm, clientId=null, userId=null, ipAddress=80.176.43.230, error=invalid_token

How can I debug this?

Hylton

