AWS Keycloak — SAML Federation in 2024

Karanbir Singh
6 min read · Mar 3, 2024

For older versions of Keycloak from 2021/2022, please refer to my older post here.

Important:

  • Keycloak setup is out of scope for this project.
  • Setting up an AWS account is also out of scope! 😃
  • The main agenda is adding a SAML-based identity provider in AWS IAM, and here we are going to do that with the help of Keycloak.
  • We will be able to log in as a federated user on the AWS console (AWS acts as the service provider) using the IdP-initiated SAML flow.

Preparing the Keycloak — Create Realm & Client

  1. Create a new realm (optional). Having a separate realm helps segregate clients, users, roles, configuration, etc.

  2. ⚠ Download the SAML metadata for AWS from here. Save it to a location on your PC.

  3. Create a new client of SAML type; the steps are below:

  • Click Import Client in the Clients section under the specific realm.
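
A sanity check for the metadata file from step 2 before it is imported as a client, written as an added example (not code from the original post). The expected entityID and sign-in host are assumptions for the standard AWS commercial sign-in endpoint, and both sample documents are constructed.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata"}
POST_BINDING = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
# Assumed expected values (AWS commercial partition); adjust for other partitions.
EXPECTED_ENTITY_ID = "urn:amazon:webservices"
EXPECTED_ACS_HOST = "signin.aws.amazon.com"

# Constructed sample shaped like SP metadata; not a copy of the real AWS file.
SAMPLE_GOOD = """<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="urn:amazon:webservices">
  <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol" WantAssertionsSigned="true">
    <AssertionConsumerService index="1" isDefault="true" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://signin.aws.amazon.com/saml"/>
    <AttributeConsumingService index="1">
      <RequestedAttribute isRequired="true" Name="https://aws.amazon.com/SAML/Attributes/Role"/>
      <RequestedAttribute isRequired="true" Name="https://aws.amazon.com/SAML/Attributes/RoleSessionName"/>
    </AttributeConsumingService>
  </SPSSODescriptor>
</EntityDescriptor>"""
# Constructed bad copy: the ACS endpoint points at a different host over plain HTTP.
SAMPLE_TAMPERED = SAMPLE_GOOD.replace("https://signin.aws.amazon.com/saml", "http://signin.aws.example.net/saml")

def check_sp_metadata(xml_text):
    """Return (summary, problems) for a SAML service-provider metadata document."""
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        raise ValueError("DTD/entity declarations are not allowed in metadata")
    root = ET.fromstring(xml_text)
    sp = root.find("md:SPSSODescriptor", NS)
    if root.tag != "{%s}EntityDescriptor" % NS["md"] or sp is None:
        raise ValueError("not a SAML SP EntityDescriptor")
    problems = []
    entity_id = root.get("entityID")
    if entity_id != EXPECTED_ENTITY_ID:
        problems.append("unexpected entityID: %r" % entity_id)
    if sp.get("WantAssertionsSigned") != "true":
        problems.append("SP does not require signed assertions")
    acs_urls = []
    for acs in sp.findall("md:AssertionConsumerService", NS):
        url = urlparse(acs.get("Location", ""))
        acs_urls.append(url.geturl())
        if url.scheme != "https" or url.hostname != EXPECTED_ACS_HOST:
            problems.append("ACS not on expected HTTPS host: %s" % url.geturl())
        if acs.get("Binding") != POST_BINDING:
            problems.append("ACS binding is not HTTP-POST: %s" % acs.get("Binding"))
    if not acs_urls:
        problems.append("no AssertionConsumerService endpoint")
    attrs = [a.get("Name") for a in sp.findall(".//md:RequestedAttribute[@isRequired='true']", NS)]
    return {"entity_id": entity_id, "acs": acs_urls, "required_attrs": attrs}, problems
```

The `required_attrs` list in the summary names the SAML attributes the service provider marks as required, which is what the identity provider's mappers have to supply.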
