By default, the SAML authentication handler expects the SAML response to be received at the SAML/AssertionConsumerService endpoint. We use this URL as it describes its function in the terminology of the SAML specification (ie an assertion consumer service). If required, this can be changed through the SamlAuthenticationOptions.AssertionConsumerServicePath.
The SAML authentication handler will receive and process the SAML response from the partner identity provider. If the SAML response is processed successfully, it will sign-in the user using the configured sign-in scheme. This defaults to Identity.External but can be changed through the SamlAuthenticationOptions.SignInScheme.
It then redirects to the login completion URL specified through the SamlAuthenticationOptions.LoginCompletionUrl. To tie in with Microsoft Identity, this defaults to "/Identity/Account/ExternalLogin?handler=Callback".
If there's still an issue, please enable SAML trace and send the generated log file as an email attachment to firstname.lastname@example.org
mentioning your forum post.https://www.componentspace.com/Forums/7936/Enabling-SAML-Trace