I have integrated Keycloak with Webex; when users try to login Webex it redirects to my Keycloak login page, but I have to write down the username again (the same username I wrote down at Webex login), is there a way to “autofill” the username box at Keycloak with the one I have provided at the SP (Webex)?
It’s not a big deal, but it’s annoying to my users having to write down the same username twice always.
Azure AD / Office 365 sends the following SAML request to Keycloak:
Request URL: https://keycloak.example.com/auth/realms/example/protocol/saml
Request Method: POST
Form data:
- Relaystate: ....
- SAMLRequest: ....
- username: user@example.com
However, the “username” field isn’t being used to prefill the Keycloak login form. Therefore the user has to enter the username twice:
Once at the office.com sign-in page so Azure AD known where the redirect the login to;
Once at the Keycloak login form.
What I would like is that the username field of the Keycloak login form is automatically filled in.
For anyone interested, I implemented this through the nginx reverse proxy by first storing the username in a cookie and then using substitution to insert it as the default value into the login form.
Below is the relevant part of the nginx configuration (specifically: ‘perl_set’, ‘add_header’, ‘sub_filter’, ’ sub_filter_once’):
For anybody that is wondering how to prefill the user name at all, you can have a look at these options, when calling .login(): loginHint, idpHint, here:
Hi, I’ve the same problem.
I didn’t understand the part “then using substitution to insert it as the default value into the login form”.
Where do you implemented (or configured) this substitution to prefill username reading cookie?
Thanks in advance for your answer.