Keycloak as a SAML SP

[Sar]

Can keycloak act as a SAML SP having added a SAML IDP to it? The reason i ask is because i am unable to find the metadata SP url. I know the metadata URL for it acting as an IDP, however i need it to be an SP and require that URL so that the IDP can use it and register keycloak as an app. https://<keycloak_hostname>/realms/<realm_name>/protocol/saml/descriptor

[Michal Hajas]

Keycloak exposes one SP metadata per identity provider configuration. If you create a new SAML 2.0 Identity provider in Keycloak admin console, there should be a link visible on IDP details page:

The URL is the following:

http://<keycloak_hostname>/realms/<realm_name>/broker/<identity_provider_alias>/endpoint/descriptor

Note: the metadata descriptor is available only after you save the IDP configuration. 

On Thu, Aug 24, 2023 at 10:35 PM Sar <sar.h...@gmail.com> wrote:

Can keycloak act as a SAML SP having added a SAML IDP to it? The reason i ask is because i am unable to find the metadata SP url. I know the metadata URL for it acting as an IDP, however i need it to be an SP and require that URL so that the IDP can use it and register keycloak as an app. https://<keycloak_hostname>/realms/<realm_name>/protocol/saml/descriptor

--
You received this message because you are subscribed to the Google Groups "Keycloak User" group.
To unsubscribe from this group and stop receiving emails from it, send an email to keycloak-use...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/keycloak-user/88a6bea3-d85d-4274-ba79-694cd965ab48n%40googlegroups.com.