It depends. Keycloak appears to support oauth. There a two common approaches to oauth authentication on mobile. They both use a webview control to login, as the oauth server is a website that redirects back to the host site.
the first is you have a website that handles the login and returns a token to the mobile app. as the token response is a webpage, you need to get the token to app. Your app can parse the response or use JavaScript to call the mobile app code.
The second uses registered custom protocol on mobile app, and the oauth server redirects to this protocol. Again you mobile app parses the response.