Configuring multiple external idps on Keycloak

I have configured Single sign-on using Identity brokering where the external IDPs use OIDC/SAML to connect to my application, SSO is working as intended but my concern is; we have many organizations connecting to my application and providing SSO to them would make a long list in the login page as and when configured.

Any suggestions to the flow or how to make sure the user1 from org1idp is directed to org1idp login similarly for user2 from org2idp … userN from orgNidp

Further, I have checked kc_idp_hint which works well if provided the user with the external link and my app also has a native mobile app.

Hi @cric1, I have a similar requirement. My users are looking to start the workflow from the IDP. In your case, as shown in the screenshot, you have a long list of IDP buttons, which can be very confusing. Did you find another solution?

You could modify the login.ftl page to group the IDPs in a more suitable way (list, combobox, …) and add a text field to provide some filtering functions. You also could provide a possibility for users to save their preferred IDP, so in further visits the preferred IDP is preselected.
But all this requires many Javascript…
An example, how this could be look like:
(German site at KIT for federated SAML-based logins to universities and other research institutions.)


@KeycloakUser1 We have used kc_idp_hint to hide the organisations and have modified the login.ftl to our needs which masks the user from knowing the other organisations. User will type the company name in text box called login for sso. You can get the flow clue from this Heroku | Login we have implemented similarly.