Hi @nmw748 ,
Thanks for your post! In your screenshots I only see the Homepage URL. Do you have more than one Reply URL set? You can set multiple reply URLs in a given enterprise application but the token can only be posted to one of the Reply URLs configured in the application, depending on which Reply URL or Assertion Consumer Service URL is included in the authentication request. If the Assertion Consumer Service URL is not included, the SAML Response will be sent to the first Reply URL in the list. (And this should be the URL where you want to direct your users after sign-in.)
For a ReplyURL that honors an SP-initiated flow, the AssertionConsumerServiceUrl parameter needs to be present in AuthnRequest which is generated by application or else any Reply Address configured in Azure AD can be selected for user redirection.
-
If the information helped you, please Accept the answer. This will help us and other members of the community as well.