IDP issues using new version of BB Keycloak
We currently have our Keycloak utilizing F5 as an IDP. Originally we configured this using the version of Keycloak from BB 1.37.0 (18.1.1-bb.5). When moving to BB 1.43.0 (18.2.1-bb.3), the IDP no longer works as intended and has inconsistent behavior. This is using the same realm and F5 for each. I am not sure what is causing the issue between these versions, but the most predominant error we are getting with the newer version is:
Could not authenticate you from OpenIDConnect because "Invalid grant :: code not valid".
From Keycloak pod logs:
logger=context traceID=00000000000000000000000000000000 userId=0 orgId=0 uname= t=2022-10-13T16:40:43.585092674Z level=error msg=login.OAuthLogin(NewTransportWithCode) error="oauth2: cannot fetch token: 400 Bad Request\nResponse: {\"error\":\"invalid_grant\",\"error_description\":\"Code not valid\"}"
"\u001b[0m\u001b[31m20:24:02,284 ERROR [org.keycloak.services.resources.IdentityBrokerService] (default task-2) unexpectedErrorHandlingRequestMessage: javax.ws.rs.WebApplicationException: HTTP 302 Found\n"
Going back to the older version with the same exact realm and F5 configuration, the error is gone and logins through the IDP are consistent.
Edited by Austin Denton