SAML 2.0 integration for Angular(SPA) front end and spring Boot backend

2
votes

I need to integrate angular front end with spring boot backend (REST API's) with SAML 2.0 and my identity provider is keycloak.

I have used SAML2-js library to integrate with the front end, now how do I secure my backend spring rest apis with the saml assertion that I have received after successful login in the frontend. What I can get in front is nameID and session index. If anyone has integrated to secure the spring backend rest API using SAML please let me know any documentation or any write up on these.

Thanks!

1
angularjssingle-sign-onkeycloaksaml-2.0spring-saml
Welcome to stackoverflow. This site is Q&A specific, so please ask concrete technical questions, as general questions asking for recommendations / tutorials are not in the scope of the site: stackoverflow.com/help/dont-askXtreme Biker
@XtremeBiker, fine you may remove the qs if it's out of line.cric

1 Answers

0
votes

What I have done for the above problem is I've used OIDC integration for login flow with 2 clients one for frontend with authorization code flow and another client with bearer only for my backend to secure the REST APIs.

For providing SSO with SAML 2.0 I have used identity brokering from Keycloak which provides seamless SSO.