I have integrated with OKTA as IDP in Keycloak.
The login and logout works fine if session is not expired.
But after 1 hour if session expires I get invalid_client error from OKTA.
The only difference I see is after session timeout, Keycloak is not adding id_token_hint parameter to OKTA’s logout url