IDP Initiated Login

[keycloak-user]

Hello,

I am trying to configure a IDP initiated login with keycloak as Identity Broker.

I have done the following configuration:

Keycloak:

1. Created a SAML v2.0 Identity Provider in keycloak realm
     Redirect URI: https://abc.xyz.com/auth/realms/my-realm/broker/okta/endpoint
     Alias: okta
     Enabled: On
     First Login Flow: first login flow
     Sync Mode: Import
     Service Provider Entity ID: okta
     Single Sign-On Service URL: https://abc.okta.com/app/xxxxxx/xxxxxx/sso/saml
     NameID Policy Format: Email
     Principal Type: Subject NameID
     HTTP-POST Binding Response: On
     HTTP-POST Binding for AuthnRequest: On

2. Created a SAML client in Keycloak
     Client ID: okta
     Name: okta
     Enabled: On
     Client Protocol: saml
     Name ID Format: email
     Master SAML Processing URL: https://abc.xyz.com/auth/realms/my-realm/broker/okta/endpoint 

      IDP Initiated SSO URL Name: okta

3. Created an app in Okta
     Single Sign On URL: https://abc.xyz.com/auth/realms/my-realm/protocol/saml/clients/okta
     Audience Restriction: okta

     Name ID Format: EmailAddress

When I am hitting the app in Okta, its giving the An internal server error has occurred error. On close observation, I found that the SAML response using a POST method on the https://abc.xyz.com/auth/realms/my-realm/protocol/saml/clients/okta is giving 405Method not allowed error.

Any suggestions to fix this?