okay, now i am not too sure what happened, but i assume keycloak and zammad just needed time to have its configurations set. all of a sudden now logging into zammad with saml sso, it works. i am not too sure, but all i knew was that i matched the certificate inside of zammad to the one on the keycloak saml descriptor. i will have to take another look and compare and contrast, but this is good news.

i had a very hard time with saml inside of authentik and i am glad to see it working well in keycloak.