Should I use the same client_id between application, keycloak as broker and Keycloak as IDP?

flag2006 · April 11, 2022, 6:16pm

Hi there,
here is my configuration : I have 2 Keycloak, one is broker, the other is IDP registred in the broker.
My application is asking the broker to get user authentication from IDP.
When setting up both broker and IDP, should I use the same client_id from application to broker and from broker to IDP ? The final purpose is to retrieve user attributes stored in the IDP, in the JWT token sent by the broker to my app (I use OIDC)
Thanks for helping!

HenkN · April 11, 2022, 8:34pm

That are separate clients.

In the IDP connection you configure the client that is available/created in the other keycloak server.

The client on the broker is technically not related to the clientid in the IDP.

flag2006 · April 11, 2022, 8:38pm

Very clear. Thanks @HenkN !

Topic		Replies	Views
How to reconcile client with client specific IdP SAML Getting advice identity-brokering	0	226	January 8, 2024
Associate service account with external identity provider Getting advice identity-brokering , oidc	3	2616	December 22, 2020
Account Usage for of Identity Provider in case of Identity Broker Getting advice identity-brokering , user-federation , oidc	0	361	March 21, 2023
Customise login per client Getting advice authentication , identity-brokering	0	377	March 10, 2023
Identity brokering, upstream idp selection without exposing idps Securing applications identity-brokering	5	1818	June 10, 2021

Should I use the same client_id between application, keycloak as broker and Keycloak as IDP?

Related topics