Hi Folks,
I am trying to integrate my application with a Microsoft ADFS SAML-based IdP.
I created and configured an Identity Provider in Keycloak, so now I get the option to log in using the ADFS IdP.
After selecting login using the IdP on Keycloak, I am redirected to a page on ADFS where I have to enter my credentials; it authenticates my account credentials and redirects to the endpoint on my Keycloak. After that, I get a page on Keycloak saying "We’re sorry… invalidFederatedIdentityActionMessage".
I checked the SAML response using SAML Tracer; it shows the status as Success.
The things I have already checked are listed below.
- Signature Validation of x509 from Keycloak
- Set PROXY_ADDRESS_FORWARDING=true
- SSL Certification and http and https redirection
I have a DOUBT about the Client Endpoint: it doesn’t show SAML as an endpoint (I don’t know whether this affects the issue or not).
In my Keycloak it shows a single endpoint, as shown in the image below. I don’t know how to configure multiple endpoints in Keycloak.
Cheers,
Malak