Keycloak (SAML)

This guide configures Casdoor as a SAML v2.0 identity provider in Keycloak.

Add the SAML IdP in Keycloak

  1. In the Keycloak admin console, go to Identity providers and add SAML v2.0.
  2. On the IdP configuration page, set Alias and paste the Casdoor metadata URL into Import from URL (you can copy this from the Casdoor application edit page).
  3. Click Import so Keycloak fills the SAML settings.
  4. Note the Service Provider Entity ID and save.

Info

See Keycloak SAML Identity Providers for full options.

Configure the application in Casdoor

In the Casdoor application edit page:

  • Add a Redirect URL that matches the Service Provider Entity ID from Keycloak.
  • Enable SAML compress for Keycloak.

Sign in with Casdoor SAML

On the Keycloak login page, use the button for the Casdoor SAML provider. You will be redirected to Casdoor to sign in, then back to Keycloak. Assign users to the application as needed.
