website logo
Sign upLogin
⌘K
🤗Welcome
🚀Engineering success
🧭Alignment
⚡Delivery
💗Health
🏷️Categorizing work
Dimensions
Initiatives
Teams
🎯Measuring success
Defining targets
Delivery performance
🔌Data connections
Data sources
Data exports
API authentication
🔔Automated reports
Email report
Slack reports
🎓Reference
👤Administration
📅Changelog
2023
2022
Docs powered by archbee 
7min

Keycloak

Setup with Keycloak as SAML Identity Provider

Keycloak settings

  1. In the Keycloak admin console, head to Clients and click Create
  2. Select SAML as Client Protocol and complete the ClientID and Client SAML Endpoint with the Echoes SP information that can be found on the configuration page.
  3. Click Save.
Create SAML client
Create SAML client


You will then be redirected to the Keycloak configuration page of the client for further configuration.

On this page, you should have the following configuration

  • Client Signature Required should be turned OFF
  • Sign Documents & Sign Assertions should be turned ON
SAML client full configuration
SAML client full configuration


In the Mappers section, configure the SAML attributes mapping required by Echoes.

Attributes mapping
Attributes mapping


All attribute's NameFormat should be Basic.

Email attribute
Email attribute

LastName attribute
LastName attribute

Firstname attribute
Firstname attribute


Echoes settings

SAML Sign-in URL

Should have the form of: https://<your-keycloak-domain>/auth/realms/<your-realm>/protocol/saml

Public Key x.509 Certificate

Can be found in the Keycloak realm's Keys -> Certificate.

Updated 03 Mar 2023
Did this page help you?
Yes
No
UP NEXT
Linking identities
Docs powered by archbee 
TABLE OF CONTENTS
Setup with Keycloak as SAML Identity Provider
Keycloak settings
Echoes settings
SAML Sign-in URL
Public Key x.509 Certificate