I have set up a test environment with a remote IDP (simplesamlphp) for
Keycloak (1.6.1 Final).
When I try to use the remote IDP to log in, I always get a "We're sorry,
invalid request" page.
From the log I can see that the error comes from
SamlService.handleResponse(), where a cookie named KEYCLOAK_IDENTITY is
expected to exist and be valid, which never seems the case.
I have experimented with different configuration options for the remote
IDP, but nothing changes this.
Can anyone shed some light on this? Thanks.