SAML and web origins (CORS)

[Lars Ivar Igesund]

Hi!

I am currently implementing a SAML service provider, and have initially been using a Keycloak (v21) docker image as IdP for rapid iteration. There I have a realm and a SAML client. As I got to the part where the request is redirected to the IdP, the browser stalls at preflight CORS.

Googling I found several references to the field Web Origins, but couldn't find it in my admin view. In the end, looking through the github, I found a discussion stating that the Web Origins field isn't available on SAML clients, only OID.

I am thinking that this may still be a configuration issue which I would appreciate help on. But if not ...

Looking to implement SSO solutions for our app, SAML seems to still give more bang for the buck (and also what are the initial suggestions from our customers), so giving the SAML implementation in Keycloak modern features seems like a good idea.

In any case, since the functionality in general is in Keycloak, I assume it to be relatively easy to port it to SAML clients too. I am willing to try to do this with some suggestions on where to apply code, unless this is already in the pipeline or a two-liner by some experienced Keycloak developer.

Best,

Lars Ivar Igesund