Keycloak IdP brokering to SAML 2.0 IdP providers (ping federate)

I have a REST service which is registered as a bearer-only client in Keycloak (openid-connect). This REST service works fine with Keycloak auth protection. I also have an Angular web UI which bootstraps via the Keycloak JS adapter and gets the login screen from Keycloak for authentication.

Now I have my user database behind a Ping Federate IdP and I have no access to create an SP connection.

What details should I provide to the Ping Federate IdP admin to allow Keycloak to act as a broker between my REST service/Angular UI and the Ping Federate IdP?

I tried adding a SAML 2.0 IdP in Keycloak and have to set the SSO and SLO URLs as /idp/startSSO.ping and /idp/startSLO.ping, and when I try to access these URLs it throws an error saying to contact the admin.

Should my REST service or Angular UI have SAML 2.0 adapters to communicate with Keycloak? I.e., do my existing applications still work if I have to auth-protect them using SAML 2.0-based IdPs via Keycloak IdP brokering?
