Introduction
By setting up Keycloak as a SAML Identity Provider (IDP), organizations can enable secure Single Sign-On (SSO) across multiple applications, allowing users to authenticate with Keycloak and gain access to various Service Providers (SPs) using the SAML 2.0 protocol. This playbook outlines the steps to configure Keycloak as a SAML IDP, including the initial setup, SAML-specific configuration, and integration with service providers, with the goal of establishing a reliable and secure authentication process that meets organizational security requirements.
Account setup on KeyCloak
Sign in to your KeyCloak account and click on Create Client
Enter Client ID and Name, Ex: FirstwaveSAML
Navigate to Access settings, Provide Root URL and redirect URL (your Firstwave application URL)
Click on Advanced tab, Enter ACS URL under Assertion Consumer Service POST Binding URL & Save.
Adding New User & creating Custom Attribute ID(Ex: Username)
Click Users=>Add User, provide details and create a user as shown below.
Navigate to Attributes tab and add attribute in same user details page.
