We migrated to SAML authentication In IQServer. ( SSO handled via a keycloak instance )
All is working fine except for IDE plugins and IQServer API.
SAML users are known at Keycloak level only which require an login redirect, hence we are no more able to use IDE plugins and IQServer API.
One common solution to this type of problem is to use tokens :
- The developer connect to the UI with it’s SAML account
- They generate a token from the IQServer UI
- They use the token in plugins of its favorite IDE or API.
However, it’s currently not possible :
- IQServer don’t provide the generation of token from the UI ( whereas it’s possible in Nexus Repository )
- Even if we reuse the session cookie from the browser, it’s seems to be blocked for SAML authentication.
IQServer reply with the message : error 400 : The login method that has been utilized for authentication does not support the creation of user tokens
May you please tell me what you think of this ?
Thx and regards
Note : We can’t add users back as local users in IQServer.