Hello,
When proxmox authenticates against keycloak, you can configure the issuer-url for keycloak using the following url:
And this works just ok in my case. Now, with keycloak there's an option for the client to specify what identity provider should be used by adding the url parameter `kc_idp_hint`. Now, adding this directly to the abovementioned URL won't work, because proxmox will use that URL to authenticate against various other endpoints and the parameter will result in a 500 error.
Any ideas how this could be achieved so that the user will be redirected to the identity provider without having to manually click on it on the keycloak page?
There is a way to configure a default identity provider in keycloak, but this will apply to the whole realm, so there won't be any difference between different clients that might need different providers. Let alone the fact that local users configured on that realm won't be accessible anymore, because the default will be the redirection to that identity provider.
When proxmox authenticates against keycloak, you can configure the issuer-url for keycloak using the following url:
Code:
https://example.com/realms/my_realmAnd this works just ok in my case. Now, with keycloak there's an option for the client to specify what identity provider should be used by adding the url parameter `kc_idp_hint`. Now, adding this directly to the abovementioned URL won't work, because proxmox will use that URL to authenticate against various other endpoints and the parameter will result in a 500 error.
Any ideas how this could be achieved so that the user will be redirected to the identity provider without having to manually click on it on the keycloak page?
There is a way to configure a default identity provider in keycloak, but this will apply to the whole realm, so there won't be any difference between different clients that might need different providers. Let alone the fact that local users configured on that realm won't be accessible anymore, because the default will be the redirection to that identity provider.