XOA and SAML (keycloak)

zerealfox

Hello,
I'm facing an issue making XO working with SAML service provider plugin, connected to Keycloak Identity Provider.
Does anybody have an experience on this and the associated configurations?
Do you have any experience with another 2FA(MFA) identity provider?
Thanks in advance,
Pascal

olivierlambert

Sadly I have no experience with this kind of setup. What's your issue exactly?

zerealfox

Hello Olivier,
In fact I can't get SAML working with any SAML IdP.
I want to add 2FA to my XOA, without adding a reverse proxy in front of it and without delegating the authentication to a third party.
The only plugin to achieve it seems to be the SAML one.
Does anybody have any experience with any SAML IdP? I can change and use privacyID3A, openOTP, linOTP, or ...
But the information in the plugin configuration are scarce.
And I can't get a log of the requests.
All I got is an "an error has occurred" in plugin configuration page.
Thanks for your help
Pascal

olivierlambert

Ping @pdonias or @julien-f that might maybe know a bit more than me regarding this, but I'm not sure.

julien-f

I'm not overly familiar with SAML, but our plugin is based on this: https://github.com/bergie/passport-saml

Let us know if you find something relevant.