Previously when sending a SAMLRequest to OKTA using this flag and set to true it would simply reprompt the user for credentials (once) and then return to our SAML SP.
Recently however it seems OKTA will now prompt the user twice for credentials, once to access OKTA, and then again to access the APP.
If you set the "Honor the ForceAuthN" option in the OKTA APP to false this behaviour goes away.
Our question is, is this by design (which is not great..)? or is this a bug?