We received the below error when using Keyloak as IdP and Auth0 as SP via SAML.
error:04099079:rsa routines:RSA_padding_check_PKCS1_OAEP_mgf1:oaep decoding error
Keycloak does not allow the signing cert to be added manually.
Unfortunately, you can’t manually create a client in Keycloak and add your signing cert. Instead, please create the client with the SP metadata file.
This can be found using the endpoint: