This is the codeAbility Sharing Platform! Learn more about the codeAbility Sharing Platform.

Skip to content

Changes

Page history
Update KeyCloak Encountered Problems authored by Adrian Bracher's avatar Adrian Bracher
Show whitespace changes
Inline Side-by-side
KeyCloak-Encountered-Problems.md 0 → 100644
View page @ c1de2941
## InvalidFederatedIdentityActionMessage
### Description:
When logging in via Keycloak / TU Wien Identity Provider we see `InvalidFederatedIdentityActionMessage`, and cannot proceed.
![Screenshot_2024-04-22_at_14.37.52](uploads/3cbb758297fa299e6474c7022808ee64/Screenshot_2024-04-22_at_14.37.52.png)
### Cause:
In our case, the identity providers' X509 certificate expired.
### Solution:
1. Download the current SAML entity from [https://idp.zid.tuwien.ac.at/saml2](https://idp.zid.tuwien.ac.at/saml2). For other identity providers see [https://eduid.at/entities/idp/](https://eduid.at/entities/idp/)
2. Go to the [keycloak admin console](https://keycloak.sharing-codeability.uibk.ac.at/auth/admin)
2. Navigate to *Identity Providers* (left sidebar)
3. Choose *Vienna University of Technology*
4. Scroll to *Validating X509 Certificates*
6. Insert X509 certificate from SAML entity and click save
\ No newline at end of file