Keycloak SPID providers configuration client
A NodeJS client to automatically configure a Keycloak instance already setup with keycloak-spid-provider plugin
- downloads metadata for all 10 official SPID IdPs and creates related Keycloak configuration along with mappers
- creates Keycloak configuration for AgID SPID Demo Validator (https://demo.spid.gov.it/validator)
- creates Keycloak configuration for AgID SPID Validator (for accreditamento) (https://validator.spid.gov.it)
- creates Keycloak configuration for a local spid-saml-check instance
Requirements
Docker or node and npm
Configuration
Copy .env-example to .env, configure it and wipe out the comments
If you want to have official AgID SPID Demo Validator (https://demo.spid.gov.it/validator) enabled, set the following .env file properties
createSpidDemoIdP = true If you want to have official AgID SPID Validator (https://validator.spid.gov.it) enabled, set the following .env file properties
createSpidValidatorIdP = true If you have a local spid-saml-check instance, set the following .env file properties
createSpidTestIdP = true
spidTestIdPAlias = spid-saml-check
spidTestIdPMetadataURL = https://localhost:8443/metadata.xmlRunning the tool
Docker
Easiest way by leveraging Docker:
makeWithout Docker
If you have NodeJS installed
npm install
npm run create-idpsAuthentication flow
By default, the new IdPs are created with a SPID-specific Authentication Flow, as per https://github.com/italia/spid-keycloak-provider/wiki/Configuring-the-Authentication-Flow - this is named First Broker Login (SPID) (ref. idpmodel.json#L11) and must be created before running the client.
SPID access button integrated in Keycloak theme
Credits
- forked from https://github.com/GermanoGiudici/keycloak-spid-provider-configuration-client (kudos to @GermanoGiudici)
- this project is released under the Apache License 2.0, same as the main Keycloak package.