Hi,
I tried to build Master-Broker-Service provider scheme.
So I have:
Master keycloak with saml and oidc clients.
Broker keycloak with added IDPs (saml and oidc). And with saml client.
Service provider with saml plugin (JIRA).

I can authenticate on Broker with internal users.
I can authenticate on Master, but it redirects only to Broker. No redirection from broker to JIRA.
I get the message “You are already logged in.” on Broker and no link back to the JIRA.
So I cannot get authentication in JIRA.

Could you please help me to complete configuration?

Regards, Leonid Lee.

I resolved the issue.
The reason was in my cookies. I configured two instances on the same IP but with different port numbers. So cookies were broken.
After settings were set on different IPs, master-broker started work correctly.

Regards,
Leonid Lee.