I'm using angular oauth2 oidc library for user identification inside of keycloak. Is it possible with this library to use idpHint to redirect to a valid identity provider?
I didn't find it as part of the config object, I don't know what else to look
Asked
Active
Viewed 301 times
1 Answers
0
It does not seem to be part of the library indeed, which at first glance makes sense since it's not part of the OpenID Connect (core) spec I think? Is idpHint perhaps a custom parameter for Keycloak?
For complete control you could create a subclass of the main service and override createLoginUrl, but you can also use customQueryParams (see docs) if the value for idpHint is more stable. That depends on your situation (not really enough info in your question to tell which you'd need).
Jeroen
- 60,696
- 40
- 206
- 339
-
The parameter name for the Keycloak-idpHint-feature is `kc_idp_hint` and it must be passed to the `..openid-connect/auth?...` request. I guess the `customQueryParams` is the correct palace to put it. I do not know the angular oauth oidc library but in `oidc-client-ts` it can be solved as follows: `const manager = new UserManager({ client_id: ..., extraQueryParams: {kc_idp_hint: "my-idp-hint"}})` – Marc Schmid May 16 '23 at 15:42