[keycloak-user] SAML issue

I am having an issue with setting up a SAML connection. Here are the screens. When I try to do an IDP initiated login, https://sso2-dev.mbopartners.com/realms/dev/protocol/saml/clients/timeoff... I am getting a 404 error. If I do an SP initiated at https://www.timeoffmanager.com/cpanel/sso/?id=MB41115 I get an invalid request error. It is not picking up the clientid. 21:32:15,253 WARN [org.keycloak.events] (default task-16) type=LOGIN_ERROR, realmId=(removed by me), clientId=null, userId=null, ipAddress=10.7.3.154, error=invalid_token I also tried to make the Valid Redirect URI to be https://www.timeoffmanager.com/* What have I missed? Any help is appreciated. [cid:image001.png@01D16FEA.C198EBF0] Here is the SP's setup. [cid:image003.png@01D17079.7B1D3340] [cid:image004.png@01D17079.7B1D3340]