SSO integration between several Atlassian-applications

We configured 6 environments (test and prod. Jira, Confluence and Bitbucket, 2 of which are through the built-in SAML-SSO and 4 through the 2ImproveIT app) vs Keycloak. These work properly. Now there is a possibility in the Atlassian applications to easily navigate from one application to another (see the screenshot). Unfortunately, there is always logging in via 2FA in between, and that is also true, because the navigation as shown in the screenshot is not much more than URLs. Is there perhaps a possibility to navigate from one application to another without logging in again. Do I have to configure something in Keycloak (clustering of clients?).