[keycloak-user] facing issue while having the single sign on flow

Dmitry Telegin dt at acutus.pro
Sun Jul 22 23:10:49 EDT 2018


Hi Vandana,

Excellent diagram! However I'm afraid we'll need some additional info:
- as for you, from which transaction depicted in the diagram did the
error arise?
- there should have been a stack trace after "invalidRequestMessage",
could you please share it?
- what was the SAML payload of the request that led to an error? You
can obtain it from F12 -> Network in your browser (but don't forget to
scrub any sensitive data)

Cheers,
Dmitry Telegin
CTO, Acutus s.r.o.
Keycloak Consulting and Training

Pod lipami street 339/52, 130 00 Prague 3, Czech Republic
+42 (022) 888-30-71
E-mail: info at acutus.pro

On Fri, 2018-07-20 at 15:44 -0500, vandana thota wrote:
> ERROR [org.keycloak.services.resources.IdentityBrokerService] (default task-25) invalidRequestMessage
> 
> We are configuring the Single sign on for the application deployed on
> the Wildfly instance by having keycloak, external IDP, SAML 2.0
> standards. Below is the flow.
> 
> There was an error at the flow while we are trying this flow. PFA It
> has pictorial representation of the flow.
> Wildfly app or servlet container -> (SP) SAML request to IdP -> Keycloak ->
> (identify Okta IdP... may or may not need a username) -> (SP SAML Request to Okta) ->
> Okta IdP (May or may not need user to login depends on if they have an active okta session or not) ->
> IdP SAML Response -> Keycloak -> IdP SAML Response Wildfly app / servlet container
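
One way to prepare the SAML payload requested above for sharing, as an added example that is not part of the original thread or of Keycloak: it decodes a `SAMLRequest`/`SAMLResponse` value copied from the browser's Network tab and redacts identity and key material. The list of redacted elements and the sample message are assumptions constructed for illustration; Issuer, Destination and other hostnames are left as-is and may still need manual scrubbing.

```python
import base64
import urllib.parse
import xml.etree.ElementTree as ET
import zlib

# Elements whose text is replaced before sharing (local names, any namespace).
SENSITIVE = {"NameID", "AttributeValue", "SignatureValue", "DigestValue",
             "X509Certificate", "CipherValue"}
NAMESPACES = {  # keep the familiar prefixes in the serialized output
    "samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
}

def decode_saml(param: str) -> str:
    """Decode a SAMLRequest/SAMLResponse value copied from the Network tab."""
    raw = base64.b64decode(urllib.parse.unquote(param))
    try:
        raw = zlib.decompress(raw, -15)   # HTTP-Redirect binding: raw DEFLATE
    except zlib.error:
        pass                              # HTTP-POST binding: plain base64 XML
    return raw.decode("utf-8")

def scrub(xml: str) -> str:
    """Return the message with sensitive element text replaced by REDACTED."""
    if "<!DOCTYPE" in xml:
        raise ValueError("DTD in SAML message, refusing to parse")
    for prefix, uri in NAMESPACES.items():
        ET.register_namespace(prefix, uri)
    root = ET.fromstring(xml)
    for el in root.iter():
        if el.tag.rsplit("}", 1)[-1] in SENSITIVE and el.text:
            el.text = "REDACTED"
    return ET.tostring(root, encoding="unicode")

def sample_redirect_param() -> str:
    """Constructed AuthnRequest, encoded the way the Redirect binding does."""
    xml = ('<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
           'xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_constructed1" '
           'Version="2.0" Destination="https://idp.example.test/sso">'
           '<saml:Issuer>https://sp.example.test</saml:Issuer>'
           '<saml:Subject><saml:NameID>alice@example.test</saml:NameID></saml:Subject>'
           '</samlp:AuthnRequest>')
    deflater = zlib.compressobj(wbits=-15)
    data = deflater.compress(xml.encode()) + deflater.flush()
    return urllib.parse.quote(base64.b64encode(data).decode(), safe="")

if __name__ == "__main__":
    print(scrub(decode_saml(sample_redirect_param())))
```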
