Hey Guys,

Need help setting up SAML

I created a SAML client in keycloak, but the keycloak SAML fields are named differently to rocketchats, so im confused about what fields to setup in keycloak, and where to put them in rocketchat?

Ive been reading rocketchat documentation but still confused.

Rocket.Chat Documentation  - SAML

Rocketchat naively supports SAML setup via GUI (screenshot at botom)

I created a SAML client in keycloak, but as the keycloak fields seem to be named differently,

im confused about what fields to setup in keycloak, and where to put them in rocketchat.

These seem to be the 3 important feilds needed:

>Custom Entry Point ?

>IDP SLO Redirec URL ?

>Custom Issuer ?

Also rocket chat admin requires certificate info

>Custom Certificate (public CA cert for keycloak site) Correct?

>Public cert contents (Keycloak generated public key) Correct?

>Private Key contents (keycloak generated private key) Correct?

Also,

Should i turn on Sign Assertions?

Should i turn on Encrypt Assertions ?

I set a Master SAML Processing URL https://mykeycloakdomain:8443/rockechat/saml Correct?

I have NOT set:

Root URL

Valid Redirect URIs

Base URL

IDP Initiated SSO URL Name

IDP Initiated SSO Relay State

As i dont really know what to put…?

Everything else is default.

Do i need to do anything in client scopes?

Here is a screenshot of the rocketchat SAML admin page