Answers for "Keycloak: How to login only through identity provider"

0

Keycloak: How to login only through identity provider

Keycloak: How to login only through identity provider

I have an Keycloak Broker and 2 Identity Providers running. Currently I saw the Username and Password fields and the 2 links to the configured Identity Providers at the broker login screen. The login through Identity Providers is possible after klicking a IP link.
How can I disable/remove the Username/Password fields because I want to provide only the Identity Providers to login to my Client (without the possibility to login directly through the Broker)?



There are few out-of-box features that might work.
If you need only one default IdP, you can configure a Default Identity Provider for your realm. This will bypass the Keycloak login page and redirect the user straight to the Identity Provider. More info: https://www.keycloak.org/docs/latest/server_admin/index.html#default_identity_provider
For multiple identity providers, this wouldn't work - but you could use the client-suggested identity provider feature (https://www.keycloak.org/docs/latest/server_admin/index.html#_client_suggested_idp). By adding a kc_idp_hint query string parameter on the link to the Keycloak login page, it will bypass the login and go directly to that IdP. In your web application, you can construct a set of links or buttons for each provider and add the kc_idp_hint into it. However, this won't stop someone clever from still getting to the normal Keycloak login page.
Creating your own login theme may be the most straightforward approach, but I wanted to toss out these options in case anyone else finds it useful.
Posted by: Guest on June-04-2021

Code answers related to "Keycloak: How to login only through identity provider"

Browse Popular Code Answers by Language