Keycloak behind load balancer raises invalid_saml_response


I’m trying to configure IDP initiated SSO login with Okta. I found in the keycloak logs this error:

type=IDENTITY_PROVIDER_RESPONSE_ERROR, realmId=test, clientId=null, userId=null,, error=invalid_saml_response, reason=invalid_destination, requestUri=

I guess this error appears because of HTTP in requestUri however I’m working with keycloak via https.
This is my configuration:

load balancer (https)--> kong --> docker --> keycloak (http)

Is it possible to fix requestUri via some parameter in jBoss/keycloak to use https instead of http?