How to configure keycloak so the assertion is sent in a soap message over the backend?

97 views

Skip to first unread message

Eric J. Van der Velden

unread,

May 5, 2022, 3:18:51 AM5/5/22

to Keycloak User

When I login to an application using keycloak, I see that the assertion is coming in over the frontend, via the browser. What should I do in the keycloak gui so that the assertion comes in in a soap message over the backend?

gilles.etc...@gmail.com

unread,

May 6, 2022, 5:16:15 AM5/6/22

to Keycloak User

Hello,

As I understand, you are looking for using the SAML Artifact binding : only a code is send via the browseer to your backend and the backend exchange it against the SAML response in a back to back exchange.

The artifact binding seems to be introduced in KC 13 and can be configured in a per client basis : see Artifact Binding URL and Artifact Resolution Service in https://www.keycloak.org/docs/latest/server_admin/#_client-saml-configuration

Hopes this helps.

Regards,

Gilles ETCHEPAREBORDE

Reply all

Reply to author

Forward

0 new messages