I have configured IDP to connect with okta oidc, now when I am doing sign in with OKta, the user’s profile is importiung in the keyclaok and not its password, when i try to Authenticatw with the okta credentials to the keycloak token API using password as the grant type I am not able to authenticate to keycloak.
Is it possible, if yes then what First Login flow should be used
I believe that the behavior is correct. One thing is identity federation with an external IdP, therefore, you delegate the authentication to an IdP with OIDC, typically with the Authorization Code flow. Another thing is ROPC.
As usual, with custom SPIs, you can do magic in Keycloak, but in this case, I would double-check why ROPC is needed since it is no longer recommended for several reasons