[keycloak-user] keycloak 5.0 integration with FranceConnect (IDP provider) no longer working
Sebastien Blanc
sblanc at redhat.com
Mon Apr 15 03:12:56 EDT 2019
Hi,
As Cédric said, you must choose "OpenID Connect v1.0" and not "keycloak
openID provider" if you don't want the param to be added. "Keycloak OpenID
provider" is only to be used when you want to federate another keycloak
instance as idp.
Seb
On Mon, Apr 15, 2019 at 9:01 AM Olivier Rivat <orivat at janua.fr> wrote:
>
> Hi Cedric,
>
> Please find attached my demo realm json file of KC 5.0.
> (client secret is strarred).
>
> TO add the idp provider, I select add user provider and select "keycloak
> openID provider".
> After this, I do select all teh fields manually.
>
>
> Regards,
>
> Olivier Rivat
>
>
>
>
> Le 15/04/2019 à 08:18, cedric at couralet.eu a écrit :
> > Le Lundi, Avril 15, 2019 08:11 CEST, Olivier Rivat <orivat at janua.fr> a
> écrit:
> >
> >> Hi Cedric,
> >>
> >> I am integrating KC (SP) to FranceConnect (IDP) dierctly out of the
> box.
> >> I haven't written any KC code module extension and FranceConnect is
> >> configured as an IDP for KC.
> >>
> > Could you share your Idp configuration (minus the secrets) ?
> > Did you choose "keycloak OpenId Connect" or "OpenId Connect v1.0". How
> did you test from one version to another (export/import, manual conf,
> upgrade?)
> >
> > Cédric,
> >
> >
> >> FranceConnect Integration is working fine with KC 4.81, but it is
> >> failing with KC 5.00.
> >> Only diff I noticed is that internally there is this
> >> client_session_state flag added with KC 5.0.
> >> This is what makes the integration failing
> >>
> >> Regards,
> >>
> >> Olivier Rivat
> >>
> --
>
>
> <http://www.janua.fr/images/logo-big-sans.png><
> http://www.janua.fr/images/LogoSignature.gif>
>
> <http://www.janua.fr/images/6g_top.gif>
>
> Olivier Rivat
> CTO
> orivat at janua.fr <mailto:dchikhaoui at janua.fr>
> Gsm: +33(0)682 801 609
> Tél: +33(0)489 829 238
> Fax: +33(0)955 260 370
> http://www.janua.fr <http://www.janua.fr/>
> <http://www.janua.fr/images/6g_top.gif>
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
More information about the keycloak-user
mailing list