Customize IDP Redirect Page

Krunchy_the_Klown · January 17, 2023, 11:48pm

I have a couple of external OIDC IDPs configured in Keycloak version 20 deployment.
Logging in using these IDPs works great.

But one thing has come up, where in the middle of all the redirects to the external IDP, there is a quick flash of a Keycloak themed page, that says something like ‘Authentication Redirect’.

This happens just before I land on my external IDP login page, and it’s a really quick flash.

I want to customize that quick flash page to be blank - essentially themed to be nothing, so it removes the quick flash, and all I see is the external IDP login through all the redirects.

Which Keycloak FTL page do I need to customize to do this?

xgp · January 18, 2023, 8:22am

github.com

keycloak/keycloak/blob/main/themes/src/main/resources/theme/base/login/saml-post-form.ftl

<#import "template.ftl" as layout>
<@layout.registrationLayout; section>
    <#if section = "header">
        ${msg("saml.post-form.title")}
    <#elseif section = "form">
        <script>window.onload = function() {document.forms[0].submit()};</script>
        <p>${msg("saml.post-form.message")}</p>
        <form name="saml-post-binding" method="post" action="${samlPost.url}">
            <#if samlPost.SAMLRequest??>
                <input type="hidden" name="SAMLRequest" value="${samlPost.SAMLRequest}"/>
            </#if>
            <#if samlPost.SAMLResponse??>
                <input type="hidden" name="SAMLResponse" value="${samlPost.SAMLResponse}"/>
            </#if>
            <#if samlPost.relayState??>
                <input type="hidden" name="RelayState" value="${samlPost.relayState}"/>
            </#if>

            <noscript>
                <p>${msg("saml.post-form.js-disabled")}</p>

This file has been truncated. show original

mbonn · January 18, 2023, 8:30am

If your SAML IdP supports redirect binding, you can switch from POST auth requests to REDIRECT auth requests. In the identity provider setup, change the “Single Sign-On Service URL” to the redirect URL of the IdP and switch “HTTP-POST Binding for AuthnRequest” to OFF.

Topic		Replies	Views
How to change “Update Account Information” page Getting advice oidc	3	1890	May 31, 2024
Logging into SSO directly through client application without going through keycloak login page and clicking abutton authentication , saml	8	1601	September 27, 2021
Skip IDP redirector / saml-post-form.ftl page Getting advice	5	1334	January 23, 2023
Conditional IdP Redirector or custom username followed by password login screens? Configuring the server	2	2981	April 6, 2021
Keycloak Custom Themes Modification Getting advice	3	141	May 22, 2024

Customize IDP Redirect Page

Related topics