...
The TDS team then takes over and finishes the setup according to the internal documentation "Identity broker Azure AD OpenID Connect setup" (Keycloak part).
Google integration with TDS Keycloak using SAML
- Follow the official instructions to set up a custom SAML application - https://support.google.com/a/answer/6087519?hl=en
- Metadata will be provided by the TDS team, but it is usually at a Keycloak URL like https://identity.core.tds.CUSTOMERX.com/auth/realms/tds/broker/google-saml/endpoint/descriptor
- Make sure to set up the following attribute mapping:
  - E-mail >> email
  - Windows Login >> sAMAccountName
  - First Name >> FirstName
  - Last Name >> LastName
- Set the custom initial page to the portal URL, like https://tds.CUSTOMERX.com
- Provide the GoogleIDPMetadata.xml metadata file to the TDS team.
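A check for the attribute mapping above, as an added example that is not part of the TDS documentation: it parses a decoded SAML assertion captured from a test login and reports which of the four mapped attributes are absent or sent without a value. The sample assertion is constructed, and the exact, case-sensitive name comparison is an assumption about how the broker consumes the attributes.

```python
import xml.etree.ElementTree as ET

SAML_NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

# Attribute names from the mapping in this section. Matching is exact and
# case-sensitive (assumption about how the broker consumes them).
REQUIRED_ATTRIBUTES = ("email", "sAMAccountName", "FirstName", "LastName")

# Constructed sample of a decoded assertion from a test login.
# FirstName is sent empty and LastName is misspelled as "lastName".
SAMPLE_ASSERTION = """\
<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
  <saml:AttributeStatement>
    <saml:Attribute Name="email"><saml:AttributeValue>jane.doe@example.com</saml:AttributeValue></saml:Attribute>
    <saml:Attribute Name="sAMAccountName"><saml:AttributeValue>jdoe</saml:AttributeValue></saml:Attribute>
    <saml:Attribute Name="FirstName"><saml:AttributeValue></saml:AttributeValue></saml:Attribute>
    <saml:Attribute Name="lastName"><saml:AttributeValue>Doe</saml:AttributeValue></saml:Attribute>
  </saml:AttributeStatement>
</saml:Assertion>
"""

def read_attributes(assertion_xml):
    """Return {attribute name: [non-empty values]} from every AttributeStatement."""
    root = ET.fromstring(assertion_xml)
    found = {}
    for attr in root.iterfind(".//saml:AttributeStatement/saml:Attribute", SAML_NS):
        values = [(v.text or "").strip() for v in attr.findall("saml:AttributeValue", SAML_NS)]
        found.setdefault(attr.get("Name"), []).extend(v for v in values if v)
    return found

def check_mapping(assertion_xml, required=REQUIRED_ATTRIBUTES):
    """Return (missing, empty): names never sent, and names sent without a value."""
    found = read_attributes(assertion_xml)
    missing = [name for name in required if name not in found]
    empty = [name for name in required if name in found and not found[name]]
    return missing, empty

if __name__ == "__main__":
    missing, empty = check_mapping(SAMPLE_ASSERTION)
    print("missing:", missing)
    print("empty:", empty)
```

Run it against an assertion from your own test login only; for XML from an untrusted source, use a hardened parser.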
Azure AD integration with TDS Keycloak using SAML
...