I am trying to configure Keycloak as a SAML service provider for an external Identity Provider with an IDP-initiated login flow. At the moment I am testing with https://samltest.id/ but the requirement is to support other providers like Microsoft AD, Okta and others.
I have configured samltest.id as SAML IDP in the Keycloak (I use version 8.0) and imported samltest.id metadata during configuration of the IDP. I also exported my Keycloak metadata into a file and imported it into a
An attempt to initiate login from the samltest.id side results in an “Invalid request” error page, and in the logs I get:
12:22:40,036 WARN [org.keycloak.events] (default task-43) type=IDENTITY_PROVIDER_LOGIN_ERROR, realmId=Dubber, clientId=null, userId=null, ipAddress=127.0.0.1, error=invalidRequestMessage
12:22:40,036 ERROR [org.keycloak.services.resources.IdentityBrokerService] (default task-43) invalidRequestMessage
The first issue that I am facing is that it is not clear whether I need to install SAML adapters for Keycloak. Do I need to do it?
Second, do I need to configure any mappers for my IDP?
And finally, do I need to configure any Keycloak client in my scenario?
Thanks a lot in advance.