Skipping login page via IdP of enterprise connection

I’m attempting to implement a link enterprise connections can use to skip the login page and enter our app directly with SSO.

I’ve formed a request URL as follows:

https://login.<our domain>.com/authorize?
  	connection=<connection name>&
  	redirect_uri=https://app.<our domain>.com/login

Now, this link correctly takes the user to the associated IdP page and then begins the callback process with a successful login recorded in the management dashboard. But after redirecting to the login page, the user is then prompted to enter their log-in details in the universal log-in page again.

I’ve got some excerpts from HAR captures that show the difference.

Login redirection to main app page using the ‘traditional’ universal login page flow:

Failed login redirection using enterprise connection specific link:

One thing I have noticed is that the login redirect on the successful attempt has query parameters for code and state, which aren’t present at all in the failed one. Any advice on how to move this forward would be much appreciated.