Hi,

I have set up a test environment with a remote IDP (simplesamlphp) for Keycloak (1.6.1 Final).

When I try to use the remote IDP to log in, I always get a "We're sorry, invalid request" page.

From the log I can see that the error comes from SamlService.handleResponse(), where a cookie named KEYCLOAK_IDENTITY is expected to exist and be valid, which never seems the case.

I have experimented with different configuration options for the remote IDP, but nothing changes this.

Can anyone shed some light on this? Thanks.

--
Regards,

Ton