Hi,
I recently submitted a PR (my first @ keycloak) that closes a feature gap when it comes to propagating an OIDC client's "prompt=none" request to a SAML "IsPassive" request to a backing SAML IDP.
This scenario currently "works" if you know the hidden IDP config option that enables this and are configuring SAML IDPs via JSON/API. The PR adds a few missing links to make this feature supported:
* adds UI option to allow forwarding passive auth requests to SAML IDPs (already exists for OIDC IDPs)
* adds support for the SAML "NO_PASSIVE" error that indicates that the user cannot establish a session silently
Looking forward to getting some feedback on this!
Regards,
Mikkel