[keycloak-user] How to allow only tokens with a specific claim at identity brokering in KeyCloak?
Iurii
yurexus at gmail.com
Tue Jul 9 08:21:39 EDT 2019
Hello,
I am using KeyCloak with two external identity providers configured for
identity brokering. There is a requirement to not allow accessing the
application protected with KeyCloak if the token issued by one of the
external identity providers doesn't contain a specific claim.
In other words - if external IdP "A" issues a token without claim "xxx"
equal to "yyy", KeyCloak must not allow logging in.
Is it possible to configure this in KeyCloak, or I will have to modify the
application protected with KeyCloak to check this condition?
Thanks!
More information about the keycloak-user
mailing list