Configuring-KeyCloak-and-Clients.md

+https://www.keycloak.org/documentation.html
+
+### SAML
+
+List SAML descriptor https://id.fairkom.net/auth/realms/fairlogin/protocol/saml/descriptor
+
+### OpenID
+
+Find all endpoints here https://id.fairkom.net/auth/realms/fairlogin/.well-known/openid-configuration
+
+```
+https://id.fairkom.net/auth/realms/fairlogin/protocol/openid-connect/token
+https://id.fairkom.net/auth/realms/fairlogin/protocol/openid-connect/userinfo
+https://id.fairkom.net/auth/realms/fairlogin/protocol/openid-connect/auth
+```
+
+How to [add rocket.chat as OIDC client](openid-connect-with-rocketchat)
+
+For **wordpress** use the plugins https://github.com/oidc-wp/openid-connect-generic with https://github.com/timnolte/oidc-keycloak-sso and as OpenID scope `email openid profile`.
+
+### Identity Provider
+
+Add an oAuth ISP (such as eID #117) and set in Keycloak the oAuth Identity Provider Client ID just to a simple name (not a URL) and use that when registering your Keycloak based service.
+
+### Federate Keycloaks
+
+Add a Keycloak identity provider in your Keycloak realm.
+
+Import the OpenID SSO profile from the other Keycloak IdP https://sso.fwf.ac.at/auth/realms/sso/.well-known/openid-configuration (import URL).
+
+Add OIDC client in the other Keycloak IdP, change to secret and copy id (federateX-fairlogin) and secret to fairlogin Keaycloak.
+
+Disable e-mail verification, if your federated Keycloak is trusted to already do so. 
+