Confluent Cloud SSO with Keycloak


I’m trying to get Confluent Cloud’s SSO feature to work with Keycloak as IdP.

I’ve followed the steps described in the docs and created a client accordingly in Keycloak. When I try the SSO login, the redirect to the IdP works as well as the redirect back to Confluent Cloud. There, I’m, however, left with a cryptic error that I cannot find a solution to anyhwere.


I’ve also tried using Azure AD as IdP but that failed with even more cryptic errors.

Any help / hint is greatly appreciated :raised_hands:t2: