[keycloak-user] keycloak consuming saml

Group Portal where users authenticted in adfs and need to add a link to my webapp protected by keycloak. Users click on link should trigger a saml post into keycloak , consume the assertion and let user in. Given this scenario how could i configure keycloak to receive the assertion and give my webapp an oidc token. Is this doable? Was looking at identity brokering, but this triggers request from keycloak to idp. I think my case is idp initiated saml post . is it possible to use id brokering in this case, or how does anyone solve this scenario? Thanks