[keycloak-user] SaaS idp brokering
mj
lists at merit.unu.edu
Tue Nov 13 04:23:59 EST 2018
Hi,
This question is slightly off-topic, I hope it's allowed to ask here.
We are using keycloak as an IdP, loving it. One of our sister institutes
is using another (openid connect / saml2 compatible) IdP.
Now a new project: Trying to achieve web SSO across both institutes, for
several web applications, mostly supporting only one single IdP.
We have made a PoC using keycloak's brokering function, and it worked
nicely. However, our sister institute prefers a SaaS solution.
I've done my googling, but terminology is confusingly different:
- onelogin ("trusted IdP")
- okta ("inbound federation")
- gluu ("inbound identity")
and obviously
- keycloak ("IdP brokering") (but not saas)
and I am not even sure that the above solution are really the same as
keycloak's IdP brokering, and that they would solve our SSO requirement.
(doing a PoC would be the next step)
So I am asking for recommendations from the guru's here. What are the
do's and don't for something like this? Perhaps suggestions what to look
for, what to avoid, what other products to take a look at, etc, etc.
Insights?
Thanks very much in advance, and again: apologies for being a bit
off-topic, hope not to offend anyone.
MJ
More information about the keycloak-user
mailing list