Setting up Keycloak as a SAML IDP

Introduction

By setting up Keycloak as a SAML Identity Provider (IDP), organizations can enable secure Single Sign-On (SSO) across multiple applications, allowing users to authenticate with Keycloak and gain access to various Service Providers (SPs) using the SAML 2.0 protocol. This playbook outlines the steps to configure Keycloak as a SAML IDP, including the initial setup, SAML-specific configuration, and integration with service providers, with the goal of establishing a reliable and secure authentication process that meets organizational security requirements.

Account setup on Keycloak

  • Sign in to your Keycloak account and click on Create Client


  • Enter a Client ID and Name, e.g. FirstwaveSAML


  • Navigate to Access settings and provide the Root URL and redirect URL (your Firstwave application URL)


  • Click the Advanced tab, enter the ACS URL under Assertion Consumer Service POST Binding URL, and save.


  • Add a new user and create a custom attribute ID (e.g. Username)

    • Click Users => Add User, provide the details, and create the user as shown below.


    • Navigate to the Attributes tab on the same user details page and add the attribute.
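As an added example (not part of this playbook or of Keycloak itself), the client settings from the steps above expressed as the JSON representation Keycloak's admin REST API accepts for a client, plus a review check that flags the values a defender would not want to ship (a non-https ACS URL, wildcard or off-host redirect URIs). The attribute key name and the firstwave.example.com URLs are assumptions; verify the key against your Keycloak version.

```python
from urllib.parse import urlsplit

# Assumed key name from Keycloak's admin REST ClientRepresentation
# "attributes" map; verify it against your Keycloak version.
ACS_POST_KEY = "saml_assertion_consumer_url_post"

def build_saml_client(client_id, name, root_url, redirect_url, acs_url):
    """Build the client representation matching the UI steps above."""
    return {
        "clientId": client_id,
        "name": name,
        "protocol": "saml",
        "enabled": True,
        "rootUrl": root_url,
        "redirectUris": [redirect_url],
        "attributes": {ACS_POST_KEY: acs_url},
    }

def check_saml_client(client):
    """Return findings to fix before the SP is trusted with assertions."""
    findings = []
    root_host = urlsplit(client.get("rootUrl", "")).netloc
    acs = client.get("attributes", {}).get(ACS_POST_KEY, "")
    if not acs:
        findings.append("missing ACS POST binding URL")
    else:
        if urlsplit(acs).scheme != "https":
            findings.append("ACS URL is not https")
        if urlsplit(acs).netloc != root_host:
            findings.append("ACS URL host differs from Root URL host")
    for uri in client.get("redirectUris", []):
        if "*" in uri:
            findings.append(f"wildcard redirect URI: {uri}")
        elif urlsplit(uri).netloc != root_host:
            findings.append(f"redirect URI host differs from Root URL: {uri}")
    return findings

# Constructed sample values (not from the playbook): one sound configuration
# and one carrying the weaknesses the check is meant to catch.
GOOD = build_saml_client("FirstwaveSAML", "FirstwaveSAML",
                         "https://firstwave.example.com",
                         "https://firstwave.example.com/saml/acs",
                         "https://firstwave.example.com/saml/acs")
WEAK = build_saml_client("FirstwaveSAML", "FirstwaveSAML",
                         "https://firstwave.example.com",
                         "https://firstwave.example.com/*",
                         "http://firstwave.example.com/saml/acs")
```

Run `check_saml_client` on the dictionary before POSTing it to the admin API; an empty list means the redirect and ACS settings match the Root URL host over https.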