We have setup our app such that app is configured as oidc client of keycloak and keycloak is configured as SAML SP to external SAML IDP. Now we do SP initiated SSO from the APP using
kc_idp_hint such that user starts from app and gets redirected to keycloak and keycloak redirects user to IDP. After authentication from IDP user browser comes to keycloak and keycloak generated authz code and redirects user to app and now app exchange the code with Keycloak to get user attributes. This flow is working as expected, now we want IDP initiated flow such that user click link on IDP (IDP generated SSO link) and user lands on APP, we see that it fails after landing on Keycloak . Is there any way we can get it working so that both IDP initiated flow as well SP initiated flow works in the app. (while app is oidc / oauth client with keycloak).