How to configure keycloak so the assertion is sent in a soap message over the backend?

34 views
Skip to first unread message

Eric J. Van der Velden

unread,
May 5, 2022, 3:18:51 AMMay 5
to Keycloak User
When I login to an application using keycloak, I see that the assertion is coming in over the frontend, via the browser. What should I do in the keycloak gui so that the assertion comes in in a soap message over the backend?

gilles.etc...@gmail.com

unread,
May 6, 2022, 5:16:15 AMMay 6
to Keycloak User
Hello,

As I understand, you are looking for using the SAML Artifact binding : only a code is send via the browseer to your backend and the backend exchange it against the SAML response in a back to back exchange.
The artifact binding seems to be introduced in KC 13  and can be configured in a per client basis : see Artifact Binding URL and Artifact Resolution Service in https://www.keycloak.org/docs/latest/server_admin/#_client-saml-configuration

Hopes this helps.

Regards,

Gilles ETCHEPAREBORDE
Reply all
Reply to author
Forward
0 new messages