Hi Team,   I have configured my CDP and Keycloak. First I took my Keycloak XML file from "SAML 2.0 Identity Provider Metadata" and with this I have created one Identity provider. And I got one JSON from cloudera community and with this JSON created one client. Json file pasted atlast. With the client I created I pasted my CDP Identity provider ID in "Assertion Consumer Service POST Binding URL" in Keycloak client. After doing these steps with the provided "Target IDP initiated SSO URL" I tried to login all I get is "404 Misconfigured account. IdentityProviderConnector for ID '{39XXX08}' not found" . But if I copy my cloudera Manager URL and paste that in incognito this will redirect me to my keycloak server with this error "We are sorry... Invalid Request".  JSON FILE: { "clientId": "cdp-client", "surrogateAuthRequired": false, "enabled": true, "clientAuthenticatorType": "client-secret", "redirectUris": [ "https://consoleauth.altus.cloudera.com/saml" ], "webOrigins": [ "https://consoleauth.altus.cloudera.com" ], "notBefore": 0, "bearerOnly": false, "consentRequired": false, "standardFlowEnabled": true, "implicitFlowEnabled": false, "directAccessGrantsEnabled": false, "serviceAccountsEnabled": false, "publicClient": false, "frontchannelLogout": true, "protocol": "saml", "attributes": { "saml.assertion.signature": "true", "saml.force.post.binding": "true", "saml.multivalued.roles": "false", "saml.encrypt": "false", "saml_assertion_consumer_url_post": "https://consoleauth.altus.cloudera.com/saml?samlProviderId={ID}", "saml.server.signature": "true", "saml_idp_initiated_sso_url_name": "cdp-sso", "saml.server.signature.keyinfo.ext": "false", "exclude.session.state.from.auth.response": "false", "saml.signature.algorithm": "RSA_SHA256", "saml_force_name_id_format": "false", "saml.client.signature": "true", "tls.client.certificate.bound.access.tokens": "false", "saml.authnstatement": "true", "display.on.consent.screen": "false", "saml_name_id_format": "username", "saml.onetimeuse.condition": "false", "saml_signature_canonicalization_method": "http://www.w3.org/2001/10/xml-exc-c14n#" }, "authenticationFlowBindingOverrides": {}, "fullScopeAllowed": true, "nodeReRegistrationTimeout": -1, "protocolMappers": [ { "name": "my-email-id-mapper", "protocol": "saml", "protocolMapper": "saml-user-property-mapper", "consentRequired": false, "config": { "attribute.nameformat": "URI Reference", "user.attribute": "email", "friendly.name": "my-email-friendly-name", "attribute.name": "urn:oid:0.9.2342.19200300.100.1.3" } }, { "name": "my-groups-mapper", "protocol": "saml", "protocolMapper": "saml-group-membership-mapper", "consentRequired": false, "config": { "single": "true", "attribute.nameformat": "URI Reference", "full.path": "false", "friendly.name": "my-groups-friendly-name", "attribute.name": "https://cdp.cloudera.com/SAML/Attributes/groups" } }, { "name": "my-firstname-mapper", "protocol": "saml", "protocolMapper": "saml-user-property-mapper", "consentRequired": false, "config": { "attribute.nameformat": "URI Reference", "user.attribute": "firstName", "friendly.name": "my-firstname-friendly-name", "attribute.name": "https://cdp.cloudera.com/SAML/Attributes/firstName" } }, { "name": "my-lastname-mapper", "protocol": "saml", "protocolMapper": "saml-user-property-mapper", "consentRequired": false, "config": { "attribute.nameformat": "URI Reference", "user.attribute": "lastName", "friendly.name": "my-lastname-friendly-name", "attribute.name": "https://cdp.cloudera.com/SAML/Attributes/lastName" } } ], "defaultClientScopes": [ "web-origins", "role_list", "profile", "roles", "email" ], "optionalClientScopes": [ "address", "phone", "offline_access", "microprofile-jwt" ], "access": { "view": true, "configure": true, "manage": true } } ... View more