Social Media login

I am new user using keycloak to implement my company website to authenticatte. I was wondering that what protocol social media login using in keycloak? Did it using oauth2. If it using oauth2, i want to change from oauth2 to SAML 2.0 (because we want to using SAML protocol). How to do that? Thank you so much.

Keycloak supports OpenID Connect, plain OAuth2 and SAML2 clients.

It also supports generic OpenID Connect, Keycloak and SAML2 identity providers.

Note that it doesn’t support OAuth2 identity providers because there is no such a thing. OpenID Connect is the federated login for OAuth2.

Some providers have proprietary extensions and custom configurations needed beyond what is necessary for a generic OpenID Connect identity provider. Keycloak comes out of the box with support for the most used, like google, facebook, github, gitlab, linkedin, twitter and others.

There are support for other providers via plugins, like this one for Discord: GitHub - wadahiro/keycloak-discord: Keycloak Identity Provider extension for Discord

So, if you want to change your client from OAuth2 to SAML2, just create another client in the realm config. If you need to change your identity provider from OAuth2 to SAML2, you probably have not an oauth2, but openid connect identity provider. In that case, you need to check if the provider supports SAML2 and what are the necessary configurations.

Did i using keycloak to authenticate in SPA like react or vuejs with SAML protocol. I read a lot of topic. If i am not wrong, SAML protocol can’t using with SPA.

I am using frontend is reactjs, backend is golang. And i want using keycloak to authenticate with SAML protocol. But i am not sure it’s work with SPA. If it’s working, did i have to write code in backend?

I’m not very familiar with SAML, but from what I know, it’s not possible to use it in a single page application. But it’s possible in a backend for frontend architecture.

See Why You Wouldn’t Use SAML in a SPA and Mobile App | Official Products & Services for IdentityServer