Configuring Keycloak as IdP for ADFS2016 in OpenIdConnect protocol


I am working on a specific authentication infrastructure based on ADFS2016 and Keycloak as Identity Provider.
The client app must authenticate through OpenIdConnect protocol.

Here is what I set up :

** On keycloak side **

Configure/Clients : Client ID = http://dse1gcdsysadfs1.GCDSYS.LOCAL/adfs/services/trust

** On ADFS side **

** On App client side **

Web.config : ADFS address : ht tps://dse1gcdsysadfs1.gcdsys.local/FederationMetadata/2007-06/FederationMetadata.xml

Result : when authenticating from my client app, I am redirected to the Keycloak logon window, I enter some right credentials, and then I am redirected to my client app page, but I don’t get the attributes of my keycloak authenticated user (ID, name, e-mail, etc).

I have then 2 questions :

  • How to setup claims on ADFS and Keycloak in order to get my user attributes ?
  • the setup made on ADFS and Keycloak refers to SAML, so I guess I am using SAML protocol when my client app is authenticating; is it possible to use OIDC instead of SAML ?

Any help would be appreciated.