I successfully configured Azure to work with an external IdP according to https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-fed-saml-idp
However, if I try to do an IdP initiated login, it seems that the SSO service https://login.microsoftonline.com does not parse the RelayState according to http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-tech-overview-2.0-cd-02.html#5.1.4.IdP-Initiated%20SSO:%20%20POST%20Binding|outline
If I use the IdP initiated login URL:
the login works fine, but then I get redirected to https://www.office.com/?auth=2&home=1
If I finally type https://portal.azure.com in the same browser tab, I can access the Azure portal due to already being successfully logged in via SSO.
Does anybody know why the Microsoft SSO ignores the RelayState argument?