libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases 1 Packages Activity Actions

KEYCLOAK-14902 Replace SAML SP metadata export with link to descriptor

Browse source
This commit is contained in:
Luca Leonardo Scorcia 2020-08-21 23:25:08 +02:00 committed by Hynek Mlnařík
parent 695457d46a
commit cc2150dd90
1 changed files with 5 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
server_admin/topics/identity-broker/saml.adoc
View file

@ -80,16 +80,18 @@ You can also import all this configuration data by providing a URL or XML file t
[[_identity_broker_saml_sp_descriptor]] [[_identity_broker_saml_sp_descriptor]]
==== SP Descriptor ==== SP Descriptor
Once you create a SAML provider, there is an `EXPORT` button that appears when viewing that provider. If you need to access the provider's SAML SP metadata, look for the `Endpoints` item in the identity provider configuration settings. It contains a link called
Clicking this button will export a SAML SP entity descriptor which you can use to import into the external SP. `SAML 2.0 Service Provider Metadata` that generates the SAML entity descriptor for the Service Provider. You can either download it or copy its URL and then import it in the remote Identity Provider.
This metadata is also available publicly by going to the URL. This metadata is also available publicly by going to the URL:
[source] [source]
---- ----
http[s]://{host:port}/auth/realms/{realm-name}/broker/{broker-alias}/endpoint/descriptor http[s]://{host:port}/auth/realms/{realm-name}/broker/{broker-alias}/endpoint/descriptor
---- ----
Make sure to save any configuration changes before accessing the descriptor or they will not be reflected in the metadata.
[[_identity_broker_saml_login_hint]] [[_identity_broker_saml_login_hint]]
==== Send Subject in SAML requests ==== Send Subject in SAML requests