
Support SAML login via Keycloak

By KajMagnus @KajMagnus, 2020-07-29 09:13:13.457Z

It seems that via Keycloak, you can "add" SAML to Talkyard. (Talkyard probably will not support SAML natively in the next several years; today is July 2020.)

  1. In Talkyard, configure OIDC login with Keycloak as the OIDC identity provider:
    https://www.keycloak.org/docs/6.0/server_admin/#oidc-clients
    (once OIDC is available — likely in August 2020)
    This makes Talkyard a Keycloak client; Ty will send people to Keycloak to log in.

  2. Configure Keycloak to be an Identity Broker, that is, a "help service" that connects Talkyard, and other services you might have, with different identity providers (IdPs), one of which can be your SAML 2 identity provider.

    Here you can read about Keycloak as an Identity Broker:
    https://www.keycloak.org/docs/6.0/server_admin/#_identity_broker

  3. Add your SAML 2 identity provider to Keycloak:
    https://www.keycloak.org/docs/6.0/server_admin/#saml-v2-0-identity-providers
    (I hope it's fine to combine a SAML identity provider with an OIDC client; I don't know why it wouldn't be.)

(Thanks for the idea, Joseph @elsherbini )
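
The three steps above end up as two entries in a Keycloak realm: an OIDC client for Talkyard and a SAML identity provider. As an added example (not part of the original post and not Talkyard or Keycloak code), this script checks a realm export for both entries and for a few settings that weaken the brokered login. The realm fragment is constructed; `check_broker_setup`, the client ID `talkyard`, the alias `corp-saml`, the hostnames and the callback path are assumptions, as is the choice of which settings to flag.

```python
import json

# Constructed realm-export fragment (not from the page); hostnames, clientId,
# alias, certificate and callback path are placeholders.
REALM = json.loads("""{
  "realm": "example",
  "clients": [{
    "clientId": "talkyard", "protocol": "openid-connect",
    "publicClient": false, "implicitFlowEnabled": false,
    "redirectUris": ["https://forum.example.com/CALLBACK-PLACEHOLDER"]
  }],
  "identityProviders": [{
    "alias": "corp-saml", "providerId": "saml", "enabled": true,
    "config": {
      "singleSignOnServiceUrl": "https://idp.example.com/sso",
      "validateSignature": "true",
      "signingCertificate": "CERT-PLACEHOLDER"
    }
  }]
}""")

def check_broker_setup(realm, client_id):
    """Return problems found in the OIDC client + SAML broker wiring."""
    problems = []
    client = next((c for c in realm.get("clients", [])
                   if c.get("clientId") == client_id), None)
    if client is None or client.get("protocol") != "openid-connect":
        problems.append("no OIDC client named " + client_id)
    else:
        if client.get("publicClient"):
            problems.append("OIDC client is public, not confidential")
        if client.get("implicitFlowEnabled"):
            problems.append("implicit flow is enabled")
        if any("*" in uri for uri in client.get("redirectUris", [])):
            problems.append("wildcard redirect URI")
    saml = [i for i in realm.get("identityProviders", [])
            if i.get("providerId") == "saml" and i.get("enabled")]
    if not saml:
        problems.append("no enabled SAML identity provider")
    for idp in saml:
        cfg = idp.get("config", {})
        if cfg.get("validateSignature") != "true" or not cfg.get("signingCertificate"):
            problems.append(idp["alias"] + ": SAML signatures not validated")
    return problems

if __name__ == "__main__":
    print(check_broker_setup(REALM, "talkyard") or "wiring looks complete")
```
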
