Keycloak IdP SAML 2将XML metdata导出到SP [英] Keycloak IdP SAML 2 Export of XML metdata to an SP

问题描述

我使用的是新安装为独立应用程序的Keycloak版本1.6.1.

I'm using Keycloak version 1.6.1, newly installed as a standalone application.

Keycloak应该充当名为Tableau的SP(服务提供者)的IdP(身份提供者).

Keycloak should act as an IdP (Identity provider) for an SP (Service Provider) called Tableau.

我已从此页面阅读: http: //blog.keycloak.org/2015/03/picketlink-and-keycloak-projects-are.html

... Keycloak从Identity Broker成长为完全成熟的人 身份提供者

... Keycloak from being Identity Broker grew into being fully fledged Identity Provider

虽然它是一个身份代理，但现在它也是一个身份提供者.

While it was an Identity Broker, it is now also an Identity Provider.

那我的问题是:

我已经从Tableau导出了SP XML元数据，并将其导入Keycloak，但是从Keycloak导出IdP XML元数据(应导入Tableau)时，我找不到按钮/命令/指南关于如何导出此XML文件的任何事情.

I have exported the SP XML Metadata from Tableau, which I imported into Keycloak, but when it comes to the export of the IdP XML Metadata from Keycloak (which should be imported into Tableau) I cannot find the button/command/guide anything about how to export this XML file.

我已经与其他IdP一起使用，它们都支持IdP元数据的导出，您可以在此处查看示例:

I have worked with other IdPs and they all support this export of IdP Metadata which you can see an example of here: https://docs.oracle.com/cd/E19636-01/819-7664/g2enua/index.html

如果我搜索Keycloak和关键字IDPSSODescriptor，则会发现以下内容:

If I search for Keycloak and the keyword IDPSSODescriptor I find this: grepcode.com/file/repo1.maven.org/maven2/org.keycloak/keycloak-saml-protocol/1.1.0.Beta2/idp-metadata-template.xml

这正是我需要的模板"，在所有$ {idp.sso.HTTP-POST}等位置上都有正确的链接.

Which is exactly the 'template' I need, with the correct links on all ${idp.sso.HTTP-POST} etc. places.

我应该手动创建文件吗?如果可以，如何找到正确的POST，REDIRECT等URL?

Should I create the file manually - if so how do I find the correct POST, REDIRECT etc. URLs?

或者有什么方法可以导出我没有看到的文件?

Or is there some way of exporting this file I haven't seen?

推荐答案

有时候，以书面形式指定您需要的东西是一件好事，这是我在Stack Overflow上所做的.

Sometimes it's a good thing to specify in writing what you need - which I did here on Stack Overflow.

我找到了可以在Keycloak上导出IdP XML的URL

I found the URL to where on Keycloak one can export the IdP XML

https://keycloak-url/realms/{REALM-NAME}/protocol/saml/descriptor

那给了我IDPSSODescriptor.

That gave me the IDPSSODescriptor.

我将在此保留此线程，以便人们可以从我的错误中受益.

I'll leave this thread here, so people can benefit from my mistakes.

这篇关于Keycloak IdP SAML 2将XML metdata导出到SP的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！