@Gsmitt
You can set saml login to debug and extract and examine saml response and created jwt by adding below lines to log4j file in config and restarting the node.
logger.token.name = com.amazon.dlic.auth.http.saml.Token
logger.token.level = debug
As I can’t seem to reproduce your issue, below is example of replies I get in my local dev:
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" Destination="http://localhost:5601/_opendistro/_security/saml/acs" ID="ID_1e74fc51-7e61-410d-a538-889dfb231473" InResponseTo="ONELOGIN_5198d965-462b-42e2-9989-52c1e4454873" IssueInstant="2021-07-16T08:13:02.884Z" Version="2.0"><saml:Issuer>http://192.168.1.9:8080/auth/realms/realm_for_saml</saml:Issuer><dsig:Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:SignedInfo><dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><dsig:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/><dsig:Reference URI="#ID_1e74fc51-7e61-410d-a538-889dfb231473"><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/><dsig:DigestValue>BMVX49sX8ze/g55RslsD1R1KHCb5/Ygo/N5D2SiywBk=</dsig:DigestValue></dsig:Reference></dsig:SignedInfo><dsig:SignatureValue>Z2lEm0gw1fHPNLY3vMT6NJiGHjZWV/OYpGDnnnUFYN0qLQm8cQlr4gaMCCV3F7aJe18F1HvlXftpnXgeM95wqyDJKj2NZoclDWtnZ6ExgQIg9yUYIslY5Eoux7wikXDVMXs8GM2KCUTpq9DBaJRhfQHscVszIuy9TFoFhBxAHQ7cHR3+vH+hNw66gB9MxVxN6onPyR2pGrgZfEhDtJGLj9yBhTH5kCY39Wvp1xkXfX0abePK3ke0CwK6eUpaCMt/lYqyAw3g1tiLATzy6tZckhcT38K+WuuBsT8PTqmTFJz6ydIO35z/RriLLBU2UcslZofc903Q+9OP3igYVAAcow==</dsig:SignatureValue><dsig:KeyInfo><dsig:KeyName>KflqydJGMn-fcSlQV2tybJc_fOifzq2TZmIsJlwSbmA</dsig:KeyName><dsig:X509Data><dsig:X509Certificate>MIICqzCCAZMCBgF2dgr8WjANBgkqhkiG9w0BAQsFADAZMRcwFQYDVQQDDA5yZWFsbV9mb3Jfc2FtbDAeFw0yMDEyMTgxMzI4MjBaFw0zMDEyMTgxMzMwMDBaMBkxFzAVBgNVBAMMDnJlYWxtX2Zvcl9zYW1sMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAunjhOyDsvwg3xUSpkeA43+1PBsPvnb5ajndM64PWwvuprK25874uF+0IgkIjf1KzIagWtM460MWX9zQIEnz4unr0vJ/Ts3zTRqrb48D/D1KXN1v2z6mJO67Ko+lGrtbI+E2z/1gSHw3OMgl51KXtdVFqEaR+TkP/HGV0fQpkttHHljNlLo3GDG5khlyrESYAKcIFsWsR/namthEeyRIf408MDBOoRWaaxKsazQ2zUL2MRvCwewS3ND/ksc9eGCUiOaYPF0+D7Dm7n6uwUQ0decZnIsfQS6uEePqrTYlIFmWNF9H2gZtVHkS4jtMwGA6wmAvkIAwdJaHCRN7x3mRCAQIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQBDrBfTLc6c8LKFMVA1RtKuf16jSHKZAolsZNEcp8d8qURr49FQaVmTL6SpsJlOO/5Svr1c12ehyvG++BU5MXd7OmRsLTtzCRzlYYL4aJwwYjO7EDvyIJfTnVOC3wf+olFv9WDt7Gaci2zAdJBMh+fYgooi9SRmWeOLYlAuu3DS3arnoXjW4+hTL6oxYLa74E81Up4DmN3hPrDfA1rqb0SKxsVrhL1oPhaTqxluGqnTlF1U/cjCzajkpZ+lgUUX1IAov9xsaqpgXglQwDlv7AuIvKzWzQVhkxANzah9P3Vd/p9NgOewdFqSqcnzrAc5fGPfvRF169kFcBgQCs2GAaCV</dsig:X509Certificate></dsig:X509Data><dsig:KeyValue><dsig:RSAKeyValue><dsig:Modulus>unjhOyDsvwg3xUSpkeA43+1PBsPvnb5ajndM64PWwvuprK25874uF+0IgkIjf1KzIagWtM460MWX9zQIEnz4unr0vJ/Ts3zTRqrb48D/D1KXN1v2z6mJO67Ko+lGrtbI+E2z/1gSHw3OMgl51KXtdVFqEaR+TkP/HGV0fQpkttHHljNlLo3GDG5khlyrESYAKcIFsWsR/namthEeyRIf408MDBOoRWaaxKsazQ2zUL2MRvCwewS3ND/ksc9eGCUiOaYPF0+D7Dm7n6uwUQ0decZnIsfQS6uEePqrTYlIFmWNF9H2gZtVHkS4jtMwGA6wmAvkIAwdJaHCRN7x3mRCAQ==</dsig:Modulus><dsig:Exponent>AQAB</dsig:Exponent></dsig:RSAKeyValue></dsig:KeyValue></dsig:KeyInfo></dsig:Signature><samlp:Status><samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/></samlp:Status><saml:Assertion xmlns="urn:oasis:names:tc:SAML:2.0:assertion" ID="ID_eaabda76-d977-41a0-a8c3-712f84e41daf" IssueInstant="2021-07-16T08:13:02.883Z" Version="2.0"><saml:Issuer>http://192.168.1.9:8080/auth/realms/realm_for_saml</saml:Issuer><saml:Subject><saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">anton</saml:NameID><saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer"><saml:SubjectConfirmationData InResponseTo="ONELOGIN_5198d965-462b-42e2-9989-52c1e4454873" NotOnOrAfter="2021-07-16T08:18:00.883Z" Recipient="http://localhost:5601/_opendistro/_security/saml/acs"/></saml:SubjectConfirmation></saml:Subject><saml:Conditions NotBefore="2021-07-16T08:13:00.883Z" NotOnOrAfter="2021-07-16T08:18:00.883Z"><saml:AudienceRestriction><saml:Audience>KibanaSAML</saml:Audience></saml:AudienceRestriction></saml:Conditions><saml:AuthnStatement AuthnInstant="2021-07-16T08:13:02.884Z" SessionIndex="5a38feb8-a0ce-4d05-a4d5-043aec545717::ac543be1-bf9d-411c-b3a3-483252cacbc0" SessionNotOnOrAfter="2021-07-16T13:13:02.884Z"><saml:AuthnContext><saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified</saml:AuthnContextClassRef></saml:AuthnContext></saml:AuthnStatement><saml:AttributeStatement><saml:Attribute Name="Role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"><saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">admin</saml:AttributeValue><saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">test</saml:AttributeValue></saml:Attribute></saml:AttributeStatement></saml:Assertion></samlp:Response>
odfe-node1 | [2021-07-16T08:13:03,017][DEBUG][c.a.d.a.h.s.Token ] [odfe-node1] Created JWT: eyJhbGciOiJIUzUxMiJ9.eyJuYmYiOjE2MjY0MjMxODMsImV4cCI6MTYyNjQ0MTE4Miwic3ViIjoiYW50b24iLCJzYW1sX25pZiI6InUiLCJzYW1sX3NpIjoiNWEzOGZlYjgtYTBjZS00ZDA1LWE0ZDUtMDQzYWVjNTQ1NzE3OjphYzU0M2JlMS1iZjlkLTQxMWMtYjNhMy00ODMyNTJjYWNiYzAiLCJyb2xlcyI6WyJhZG1pbiIsInRlc3QiXX0.R9uM5Wc3t5uqaT0wQt1JNDnr1aukGmF5j6GjLTRxcNc4jfmxSYputTFrPcPBpHo0M1RL8TcrZ2kQ72W1tZH4kA
Are you able to extract your replies and compare?