https://connect.hyland.com/t5/alfresco-forum/adf-and-enterprise-saml-sso-connector-for-acs/m-p/28007#M11989 <P>Hello,</P><P>&nbsp;</P><P>I am wondering if there are known technics to use ADF with the enterprise SAML SSO connector (<A href="https://docs.alfresco.com/saml/concepts/saml-overview.html" rel="nofollow noopener noreferrer" target="_blank">https://docs.alfresco.com/saml/concepts/saml-overview.html</A>), especially the authentication part. We are&nbsp;currently using Alfresco 5.2.3,&nbsp;with a lot of custom development, so using Alfresco Identity Service (Alfresco 6.1 is required) is currently not an option.</P><P>&nbsp;</P><P>I currently have a working implementation, but it doesn't feel quite 'optimized' yet.<BR />My current implementation basically navigates from Angular to the external&nbsp;Identity Provider back to Angular, capturing the ticket on the way and logging into ADF with the ticket in the end. I can go more in detail if requested.<BR />If a user opens the ADF app it loads the app (takes a few seconds), navigates to the&nbsp;Idp (in some cases requiring user input, in other cases logging in immediately) and it loads the whole app again (taking a few seconds again), so the first login can take a while (and I know that users are not going to like that).</P><P>&nbsp;</P><P>I tried other technics:</P><UL><LI>Accessing it completely as a rest service (<A href="http://docs.alfresco.com/saml/concepts/develop-saml.html" rel="nofollow noopener noreferrer" target="_blank">http://docs.alfresco.com/saml/concepts/develop-saml.html</A>) is not an option, because one cannot capture user input in a REST service.</LI><LI>Iframing the Idp page &amp; capturing the output isn't an option either, because there are CORS issues that I cannot solve, because&nbsp;part of the Idp (which would run inside the iframe) is external, and solving the CORS issues would mean that i would need to add headers to the page inside the iframe (which is not under our control).</LI></UL><P>&nbsp;</P><P>Has someone else tried&nbsp;using the SAML SSO connector with ADF&nbsp;before?</P><P>&nbsp;</P><P>Maybe interesting to know: We are using Keycloak as&nbsp;identity broker between Alfresco &amp; our Idp, because the Alfresco SAML implementation wasn't compatible with the implementation of the Idp.</P><P>&nbsp;</P><P>Best regards.</P> Tue, 12 May 2026 06:35:49 GMT d_m 2026-05-12T06:35:49Z https://connect.hyland.com/t5/alfresco-forum/adf-and-enterprise-saml-sso-connector-for-acs/m-p/28007#M11989 <P>Hello,</P><P>&nbsp;</P><P>I am wondering if there are known technics to use ADF with the enterprise SAML SSO connector (<A href="https://docs.alfresco.com/saml/concepts/saml-overview.html" rel="nofollow noopener noreferrer" target="_blank">https://docs.alfresco.com/saml/concepts/saml-overview.html</A>), especially the authentication part. We are&nbsp;currently using Alfresco 5.2.3,&nbsp;with a lot of custom development, so using Alfresco Identity Service (Alfresco 6.1 is required) is currently not an option.</P><P>&nbsp;</P><P>I currently have a working implementation, but it doesn't feel quite 'optimized' yet.<BR />My current implementation basically navigates from Angular to the external&nbsp;Identity Provider back to Angular, capturing the ticket on the way and logging into ADF with the ticket in the end. I can go more in detail if requested.<BR />If a user opens the ADF app it loads the app (takes a few seconds), navigates to the&nbsp;Idp (in some cases requiring user input, in other cases logging in immediately) and it loads the whole app again (taking a few seconds again), so the first login can take a while (and I know that users are not going to like that).</P><P>&nbsp;</P><P>I tried other technics:</P><UL><LI>Accessing it completely as a rest service (<A href="http://docs.alfresco.com/saml/concepts/develop-saml.html" rel="nofollow noopener noreferrer" target="_blank">http://docs.alfresco.com/saml/concepts/develop-saml.html</A>) is not an option, because one cannot capture user input in a REST service.</LI><LI>Iframing the Idp page &amp; capturing the output isn't an option either, because there are CORS issues that I cannot solve, because&nbsp;part of the Idp (which would run inside the iframe) is external, and solving the CORS issues would mean that i would need to add headers to the page inside the iframe (which is not under our control).</LI></UL><P>&nbsp;</P><P>Has someone else tried&nbsp;using the SAML SSO connector with ADF&nbsp;before?</P><P>&nbsp;</P><P>Maybe interesting to know: We are using Keycloak as&nbsp;identity broker between Alfresco &amp; our Idp, because the Alfresco SAML implementation wasn't compatible with the implementation of the Idp.</P><P>&nbsp;</P><P>Best regards.</P> Tue, 12 May 2026 06:35:49 GMT https://connect.hyland.com/t5/alfresco-forum/adf-and-enterprise-saml-sso-connector-for-acs/m-p/28007#M11989 d_m 2026-05-12T06:35:49Z