Learn how to configure Keycloak SAML for Infisical SSO.
Prepare the SAML SSO configuration in Infisical
Create a SAML client application in Keycloak
https://app.infisical.com
, and the Name field to a friendly name like Infisical.id
attribute, setting the Name field to ID, the Property field to id, and the SAML Attribute Name to id.Retrieve Identity Provider (IdP) Information from Keycloak
https://keycloak-mysite.com/realms/myrealm/protocol/saml
.Finish configuring SAML in Infisical
https://app.infisical.com
.Once you’ve done that, press Update to complete the required configuration.Enable SAML SSO in Infisical
Enforce SAML SSO in Infisical
AUTH_SECRET
and SITE_URL
environment variable for it to work:AUTH_SECRET
: A secret key used for signing and verifying JWT. This can be a random 32-byte base64 string generated with openssl rand -base64 32
.SITE_URL
: The URL of your self-hosted instance of Infisical - should be an absolute URL including the protocol (e.g. https://app.infisical.com)