Identity Provider Redirector

The Identity Provider (IdP) Redirector in Keycloak allows users to be automatically redirected to their external identity provider, e.g. Microsoft Entra ID, without displaying the Keycloak login page.

When the IdP Redirector is configured, users accessing a Spark tenant URL are immediately redirected to the configured identity provider for authentication.

How the redirect works

  1. User opens the Spark tenant URL.

  2. Spark redirects the user to Keycloak.

  3. Keycloak automatically redirects the user to the configured Identity Provider.

  4. The user authenticates with their corporate identity provider.

  5. Keycloak receives the authentication response and grants access to Spark.

IdP Redirector request

To configure the IdP Redirector, please contact Support and provide the following information:

Data
Description

Spark tenant URL

The Spark tenant URL identifies which tenant should trigger the redirect, e.g. https://spark.myenvironment.coherent.global/mytenant.

Identity provider alias

The identity provider alias is the internal Keycloak identifier for the configured identity provider. The IdP Redirector uses this alias to determine which identity provider users should be redirected to. To find your IdP alias:

  1. Open a new tab in your browser and log in to the target Spark tenant. Access the Keycloak console from the User menu.

  2. Navigate to Realm and Identity Providers.

  3. Select the configured identity provider.

  4. Locate the field Alias, e.g. azure-ad.
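An added example, not part of the original page or of Coherent's own tooling: a check that a captured redirect chain follows steps 2 to 4 of the redirect flow and uses the alias that was given to Support. It assumes the standard Keycloak URL layout (`/realms/<realm>/protocol/openid-connect/auth` and `/realms/<realm>/broker/<alias>/login`), which the page does not spell out; the hostnames, realm name and sample chain are constructed.

```python
import re
from urllib.parse import urlsplit

# Constructed sample: (HTTP status, Location header) for each hop, as it would
# appear in a browser network trace. Hosts, realm and query values are placeholders.
SAMPLE_CHAIN = [
    (302, "https://keycloak.example.test/realms/mytenant/protocol/openid-connect/auth?client_id=spark&response_type=code"),
    (303, "https://keycloak.example.test/realms/mytenant/broker/azure-ad/login?session_code=abc"),
    (303, "https://login.microsoftonline.com/00000000-0000-0000-0000-000000000000/oauth2/v2.0/authorize?client_id=x"),
]

# Assumption: standard Keycloak paths, with or without the legacy /auth prefix.
AUTH_RE = re.compile(r"^(?:/auth)?/realms/([^/]+)/protocol/openid-connect/auth$")
BROKER_RE = re.compile(r"^(?:/auth)?/realms/([^/]+)/broker/([^/]+)/login$")

def check_redirect_chain(chain, keycloak_host, expected_alias, idp_hosts):
    """Return a list of findings; an empty list means the chain matches steps 2-4."""
    if len(chain) != 3:
        return [f"expected 3 redirects, got {len(chain)}"]
    findings = []
    if any(status not in (302, 303, 307) for status, _ in chain):
        findings.append("a hop was not a redirect (a login page may have been rendered)")
    to_kc, to_broker, to_idp = (urlsplit(loc) for _, loc in chain)
    # Step 2: Spark sends the browser to the Keycloak authorization endpoint.
    m_auth = AUTH_RE.match(to_kc.path)
    if to_kc.scheme != "https" or to_kc.hostname != keycloak_host or not m_auth:
        findings.append("hop 1 does not target the Keycloak authorization endpoint")
    # Step 3: the redirector forwards to the broker endpoint for the configured alias.
    m_broker = BROKER_RE.match(to_broker.path)
    if to_broker.hostname != keycloak_host or not m_broker:
        findings.append("hop 2 is not a Keycloak broker login redirect")
    else:
        if m_broker.group(2) != expected_alias:
            findings.append(f"redirector uses alias {m_broker.group(2)!r}, expected {expected_alias!r}")
        if m_auth and m_broker.group(1) != m_auth.group(1):
            findings.append("realm changed between hops")
    # Step 4: the browser leaves for the corporate identity provider, and only that one.
    if to_idp.scheme != "https" or to_idp.hostname not in idp_hosts:
        findings.append(f"hop 3 leaves for unexpected host {to_idp.hostname!r}")
    return findings
```

Running it against a chain captured after Support enables the redirector confirms that the Keycloak login page is skipped and that users land on the intended identity provider rather than another one configured in the realm.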
