With the SAML plugin enabled one can choose to log in via SAML or internal user directory (user + password). It would be nice to have a configuration option to automatically get redirected to the login page of the Identity Provider (i.e. Keycloak).
Other plugins (i.e. the EasySSO plugin for Atlassian Confluence / Jira) offer this option, too. When a login with an internal user is required, there is the possibility to append
?sso=false to the URL.