website logo
⌘K
🤗Welcome
🚀Engineering success
🧭Alignment
⚡Delivery
💗Health
🏷️Categorizing work
Dimensions
Initiatives
Teams
🎯Measuring success
Defining targets
Delivery performance
🔌Data connections
🔔Automated reports
🎓Reference
👤Administration
📅Changelog
Docs powered by
Archbee
website logo
Sign upLogin
Administration
Single sign-on

Keycloak

7min

Setup with Keycloak as SAML Identity Provider

Keycloak settings

  1. In the Keycloak admin console, head to Clients and click Create
  2. Select SAML as Client Protocol and complete the ClientID and Client SAML Endpoint with the Echoes SP information that can be found on the configuration page.
  3. Click Save.
Create SAML client
Create SAML client


You will then be redirected to the Keycloak configuration page of the client for further configuration.

On this page, you should have the following configuration

  • Client Signature Required should be turned OFF
  • Sign Documents & Sign Assertions should be turned ON
SAML client full configuration
SAML client full configuration


In the Mappers section, configure the SAML attributes mapping required by Echoes.

Attributes mapping
Attributes mapping


All attribute's NameFormat should be Basic.

Email attribute
Email attribute

LastName attribute
LastName attribute

Firstname attribute
Firstname attribute


Echoes settings

SAML Sign-in URL

Should have the form of: https://<your-keycloak-domain>/auth/realms/<your-realm>/protocol/saml

Public Key x.509 Certificate

Can be found in the Keycloak realm's Keys -> Certificate.

Updated 03 Mar 2023
Did this page help you?
PREVIOUS
Jumpcloud
NEXT
Linking identities
Docs powered by
Archbee
TABLE OF CONTENTS
Setup with Keycloak as SAML Identity Provider
Keycloak settings
Echoes settings
SAML Sign-in URL
Public Key x.509 Certificate
Docs powered by
Archbee