-
Notifications
You must be signed in to change notification settings - Fork 22
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[BUG] Restriction with an Identity Provider appears to be non-functional #114
Comments
Hello @mdurand54, thanks for reporting this. You will have to configure post login flow for every identity provider. This has also already been discussed in KEYCLOAK-19538 and seems to be by design. Best regards |
Oh okay. Thanks for the explanation. So, I'm trying to configure a post login flow. Would it make sense to keep only the cookie and the authenticator part post login flow. Something like:
|
You may not even need the cookie authenticator, because that is generally checked before the IdP redirect already. If a sso cookie is present in the request, you should not get redirected to the IdP. |
Effectively, the extension is sufficient in the post login flow. Thank you very much for your help! |
Is there an existing issue for this?
Current Behavior
I am configuring the access restriction. I have no problem restricting access using
Username Password Form
. However, as soon as I use the configured identity provider, the restriction never applies.Expected Behavior
The same operation between the Username/password connection and the identifty provider connection.
Steps To Reproduce
Here is the connection flow I have:
Version
Anything else?
I searched through the existing issues, I did not find a clue to solve my problem. Sorry if this is the case.
I also wondered about "is this prodider supposed to work with an Identity Provider?". The only answer I could find in the README is here. And it just says, that this provider is better than the "Allow/Deny Access" feature which doesn't work with identity providers.
In any case, thank you for your work!
The text was updated successfully, but these errors were encountered: