I have an application that authenticates through a 3rd party IDP using SAML. I’ve setup and successfully created an IDP broker that allows the user to login through the third party IDP. Keycloak successfully creates/links the user account.
At that point, I redirect the authenticated user to an application that uses OIDC tokens to authenticate. What I’m seeing is that the user must login again using authorization code grant type. What’s more, the password for the user is not linked into the new account, so the user can’t login.
Can somebody help me out? What am I missing?
What I want to happen is the use get’s redirected to the OIDC secured app, and the app can obtain an OIDC token automatically.