I want to connect a saml client to keycloak but the saml client does not accept the keycloak metadata.
The saml client needs a specific claim in the metadata:
<auth:ClaimType xmlns:auth=“http://docs.oasis-open.org/wsfed/authorization/200706” Uri=“http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress”>
The saml client is based on shibboleth and is connected to AD-FS. The email claim is needed for the SP to identify the user via email.
Is there a way to provide this claim in the keycloak metadata?