I navigated to our internal company page, which redirects to https://login.microsoftonline.com for SAML authentication after 2-Factor authentication it redirect back to the internal company page - this last step fails.
The SAML request to the internal page uses the following headers and is cross domain (obviously):
- Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
- Enable these capabilities when top page matches: ...microsoftonline.com
script
frame
fetch
noscript
lan
- Enable these capabilities when top page matches: ANY
script
frame
fetch
noscript
lan