I had it working in MinthHCM 3.x.
Login and logout URL: <domain>/auth/realms/master/protocol/saml
The X509 you can find on “Realm Settings” -> “SAML 2.0 Identity Provider Metadata”. Here you can find the URLS too.
Not only does it not create users (!), it also looks like that code for SAML has silently been removed in 4.0. https://github.com/minthcm/minthcm/issues/56#issuecomment-1876071865
Neither LDAP seems to be functional anymore – also removed from the frontend.
If that works again, I’ll share the Keycloak config – it’s quite standard, and there is enough help on suitecrm help-pages.