SSO + Okta + Keycloak + SAML2.0


  1. Logged in using an Okta developer account
  2. Created a SAML 2.0 application (Create App Integration) and added required details like SP entity ID, SSO URL, etc. No relay state.
  3. Assigned users
  4. Downloaded IDP metadata from the Sign On option
  5. Went to Keycloak > created realm
  6. Created client. Added Valid Redirect URL
  7. Added IDP Initiated SSO URL Name
  8. Created IDP with provider SAML 2.0. Loaded IDP - Okta metadata for it
  9. Mapped First Login Flow as Browser. Browser First Login Flow has a few properties mapped, like IDP
  10. Created Authentication named Browser and added a few properties like IDP etc. Mapped this Browser to the IDP above.

Then open App Embed Link (from Okta app)

Not sure I understand this one. Can you provide your complete configuration? Also, if you give a complete summary of what you are trying to achieve, I think we could probably help.