Hello community,
I am using Keycloak as Service Provider and SP-Validator as IDP.
I came to know that Keycloak doesn’t verify Request ID against IDP’s InResponseTo value.
I need to know is there any way I can get request id while validating SAML response from IDP?
I am guessing Keycloak stores request id in session but I was not able to find any sort of info in session/cache.
Please help me to verify request id while validating the SAML response.
Thanks in advance.