[keycloak-user] Setting custom redirect URI in SAML Identity Provider

Edgar Vonk - Info.nl Edgar at info.nl
Tue Feb 26 11:03:53 EST 2019


We use a SAML Identity Provider configuration in Keycloak to broker identities to an external SAML-based Identity Provider. This works fine but now we have the requirement that after authentication the user needs to be redirected first to a reverse-proxy and only then back to us (as in: Keycloak). I.e. we need to configure a custom redirect URI in our SAML Identity Provider in Keycloak..

However this redirect URI seems to be generated on-the-fly in Keycloak and the hostname part seems always set to the host where Keycloak runs on?

Our question is: is this redirect URI configurable at all and if not, how could we go about setting it ourselves (the hostname part at least)? I guess that we would need to create our own custom Identity Provider (e.g. extension of the SAMLIdentityProvider and related Java classes) and install this in Keycloak? 

More information about the keycloak-user mailing list