I would like to ask if anybody has managed to get Cisco Firepower and Cisco Secure Client (AnyConnect) working via SAML and Keycloak. There are a lot of documents around on the Internet, and one of the best for SAML and Cisco VPN is
https://www.cisco.com/c/en/us/support/docs/security/anyconnect-secure-mobility-client/215935-configure-asa-anyconnect-vpn-with-micros.html but the SAML server is MS Azure and the configuration used on the Azure side is predefined, therefore I am missing the settings for Keycloak. I tried it with the default settings in Keycloak for a SAML client and played around with SHA256, but that did not seem to work. Forwarding from the VPN client to the Keycloak login is working and it is possible to log into Keycloak, but afterwards the login window does not disappear and there is a link 'Back to Application' by Keycloak, and after clicking it I am requested to log in once again.