For a single realm, I have many SSO providers defined. I have multiple sites using the that realm. Is there a way to hide some SSO buttons on the login page depending on the site doing the login?
I am configuring in Spring Boot. Is there a way to associate client scopes with identity providers? That way each application could define the scopes for the Idp’s they way to show?
security:
oauth2:
client:
registration:
keycloak:
client-id: app-name
client-authentication-method: none
authorization-grant-type: authorization_code
scope:
- openid
provider:
keycloak:
issuer-uri: https://domain.com/realms/app=-name
user-name-attribute: preferred_username
Alternatively, I saw this setting in the definition of the Idp.
However it looks like kc_idp_hint
is for bypassing the login screen and going straight to the provider which is not quite what I want.
https://www.keycloak.org/docs/latest/server_admin/index.html#_client_suggested_idp