I’m not a KeyCloak administrator, so I can’t share all process, but I think it’s working like @toddy described here
LDAP integrated in RocketChat on LDAP page in Admin UI.
Then you need to configure KeyCloak as Custom OAuth in Oauth page in Admin UI
I believe in KeyCloak you should configure integration with same domain as on LDAP page.
And last one - you need to add KeyCloak and maybe RocketChat URLs to Local Intranet Security zone of Internet Explorer by group policies.