libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases 1 Packages Activity Actions

KEYCLOAK-14902 Replace SAML SP metadata export with link to descriptor

Browse source
This commit is contained in:
Luca Leonardo Scorcia 2020-08-21 23:25:08 +02:00 committed by Hynek Mlnařík
parent 695457d46a
commit cc2150dd90
1 changed files with 5 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
server_admin/topics/identity-broker/saml.adoc
View file

@ -80,16 +80,18 @@ You can also import all this configuration data by providing a URL or XML file t
[[_identity_broker_saml_sp_descriptor]]
==== SP Descriptor
Once you create a SAML provider, there is an `EXPORT` button that appears when viewing that provider.
Clicking this button will export a SAML SP entity descriptor which you can use to import into the external SP.
If you need to access the provider's SAML SP metadata, look for the `Endpoints` item in the identity provider configuration settings. It contains a link called
`SAML 2.0 Service Provider Metadata` that generates the SAML entity descriptor for the Service Provider. You can either download it or copy its URL and then import it in the remote Identity Provider.
This metadata is also available publicly by going to the URL.
This metadata is also available publicly by going to the URL:
[source]
----
http[s]://{host:port}/auth/realms/{realm-name}/broker/{broker-alias}/endpoint/descriptor
----
Make sure to save any configuration changes before accessing the descriptor or they will not be reflected in the metadata.
[[_identity_broker_saml_login_hint]]
==== Send Subject in SAML requests