No redirect to oidc with security plugin

Hi, i am currently using opendistro 0.10.0 for both elasticsearch and kibana, in a dockerized environment.
I am currently trying to configure SSO among keycloak using the security plugin provided.

Currently elasticsearch is correctly protected and working passing a valid JWT taken from keycloak.

The problem is that kibana is not making a redirect to keylock for authentication, but only showing

Authentication failed
Please provide a new token.

I will atach my configuration, implemented as explained on official doc.

config.yml (elasticsearch)
opendistro_security:
  dynamic:
    http:
      anonymous_auth_enabled: false
      xff:
        enabled: false
        internalProxies: '192\.168\.0\.10|192\.168\.0\.11' # regex pattern
        remoteIpHeader:  'x-forwarded-for'
        proxiesHeader:   'x-forwarded-by'
    authc:
      basic_internal_auth_domain:
        enabled: true
        order: 0
        http_enabled: true
        transport_enabled: true
        http_authenticator:
          type: "basic"
          challenge: false
        authentication_backend:
          type: "internal"
      openid_auth_domain:
        order: 1
        enabled: true
        http_enabled: true
        transport_enabled: true
        http_authenticator:
          type: openid
          challenge: false
          config:
            openid_connect_url: http://keycloak:8082/auth/realms/master/.well-known/openid-configuration
            subject_key: preferred_username
            roles_key: roles
        authentication_backend:
          type: noop
    authz: {}
kibana.yml
server.name: kibana
server.host: "0"
elasticsearch.url: https://localhost:9200
elasticsearch.ssl.verificationMode: none
elasticsearch.username: "kibanaserver"
elasticsearch.password: "kibanaserver"
elasticsearch.requestHeadersWhitelist: ["securitytenant","Authorization"]
opendistro_security.multitenancy.enabled: true
opendistro_security.multitenancy.tenants.preferred: ["Private", "Global"]
opendistro_security.readonly_mode.roles: ["kibana_read_only"]

opendistro_security.auth.type: "openid"
opendistro_security.openid.connect_url: "http://localhost:8082/auth/realms/master/.well-known/openid-configuration" # This is keycloak
opendistro_security.openid.client_id: "app-kibana"
opendistro_security.openid.client_secret: "..."

Thanks,
Raffaele