Resurrecting an old question from 2020

We’re trying to use Keycloak as a broker for an ultra common IDP in Sweden, it’s called BankID, and the common implementation involves adding a query parameter to the url that tells the IDP whether to expose a web page with a QR code (which then can be scanned by their mobile application etc), or whether this mobile application resides on the same device. In the latter case you’d get a token and then their application would be opened in the same device.

This look very much like what I’m looking for but it has no effect. This parameter is not forwarded onto the Authorization URL for this idp.

Here’s the old question I was referring to in the topic:

Super thankful for any kind of input!


1 Like

Okay now, found the solution together with my colleague. So, we learnt that the query params are forwarded from the /auth endpoint, and not from the idp buttons in the keycloak login template.