I am trying to setup an IdP initiated SSO connection in Auth0 using OpenID Connect Response protocol with default redirect_uri. I understand that the redirect_uri, if empty, would use the first allowed callback in my application.
After SAML assertion is processed by Auth0, it seems Auth0 will talk to the application associated with this SSO connection. In OpenID Connect, it’s always the application that talks to Auth0 to request the authorization code in a web application use case. I wonder whether Auth0 would send the authorization code to the callback after the SAML assertion is verified.
In this case, even if the application hasn’t initiated an Open ID Connect flow, does my application receive the code at the callback?
Additional Data :
What is the URL to the resource(s) you consulted?