Jupyterhub with Keycloak

[Rob Barriga]

Currently have Keycloak as our IDP for Tableau using SAML and CaC card access. For Jupyterhub, we have our JH config setup to use SAML and our ssl certs for HTTPS. JH currently directs to Keycloak to which a CaC prompt is displayed correctly. This is were it stops. At this point we enter credentials but are sent to a Keycloak invalid request. Now in Keycloak, we do have a client set up for our JH server and this includes browser settings, attributes, mappers etc. When we look at the events in Keycloak, we see a saml_token_error however absolutely no details provided whatsoever. We can see the in jupyter the request sent to Keycloak but nothing after that and we can see the event in Keycloak. So it's obvious that we are half way there. We just don't see re-direct back to jupyter. SO 2 things, we'd like to figure out another way to set up logging to see where the re-direct is stopping and we need to figure out the rest of this path. ANy help would be much appreciated thanks!!