Allow JS client to pass Forwarded Query Parameters in login call #20
Comments
|
It looks like this could be straight forward to add to the keycloak-js client by adding another option? There looks to be a pattern in place for optional fields in the function to generate the login url? https://github.com/keycloak/keycloak-ui/blob/main/libs/keycloak-js/src/keycloak.js#L457 |
|
@ssilvert If this is a gap in keycloak-js is this the correct project? As far as I can tell the KC backend supports forwarding query params but the JS client has no way to pass them? |
|
Can we get any updates on this? This potential fix has been floating around for longer than this issue keycloak/keycloak#13094 |
jonkoops
added
good first issue
|
can't we simply allow loginOptions to be defined within the initOptions and passed to the declaration of the empty object declared on https://github.com/keycloak/keycloak/blob/54af571f1ebd816e2022e26b90ec6048fe3a8051/js/libs/keycloak-js/src/keycloak.js#L231 Is there any reason the login options are abstracted away during init? it appears that only locale is propagated in this abstraction and no other initOption: https://github.com/keycloak/keycloak/blob/54af571f1ebd816e2022e26b90ec6048fe3a8051/js/libs/keycloak-js/src/keycloak.js#L198 |
|
Hi there - any update on this? We really need this functionality - thanks! |
See keycloak#13094 Fixes #15397 Signed-off-by: Ben Immanuel <[email protected]>
See keycloak#13094 Fixes #15397 Signed-off-by: Ben Immanuel <[email protected]>
Description
In the configuration of an Identity Provider there is a option called "Forwarded Query Parameters" which allows non-standard OIDC/Oauth params to be forwarded to an external IDP. Currently the JS client provides the
idpHintparameter to tell a project to skip the login page and redirect to an external IDP. The JS client however does not provide a way to pass the "Forwarded Query Parameters" to the project before redirecting.This enhancement would be to add a new option to the JS client login request, that would pass the "Forwarded Query Parameters" to the project on the call to login.
(Example of the "Forwarded Query Parameters" in Keycloak admin view)Discussion
keycloak/keycloak#13094
Motivation
This feature should be added as it appears to be a gap in the JS client. The Keycloak server seems to support this functionality but the JS client provides no way to use it. The "Forwarded Query Parameters" may be necessary for a Keycloak project to redirect to an external IDP.
Without the ability to forward parameters, applications that would normally use the Keycloak client may need to fork the Keycloak client or use hacks to ensure parameters are forwarded. This may lead to problems upgrading in future.
Details
No response
The text was updated successfully, but these errors were encountered: