I am struggling with the same issue, till now I have done following. I have setup Okta IDP in KeyCloak, and Added my keycloak redirect in Okta, plus some more setting.
Post this I am able to successfully authenticate the user using Okta, and I get the JWT token having following fields.
In the FirstLoginFlow, keycloak is searching for a user based on uid field and not sub field.. I have added explicit Mapper for my IDP in keycloak.
This is causing that keycloak is not able to find the user which is already present in my db.
We don't want to rely on userid provided by Okta, as our usecase requires that user needs to be white-listed in our system for successful login.
Any help how I can make keycloak to search for user based on email instead of the okta Uid
Federated user not found for provider 'oidc-local' and broker username '00umvmi9g5zb4ptsf5d7