Having SAML SSO set up is great, including the ability to enforce it, thanks! As documented and in practice, when using iDP-initiated sign-in, it just redirects to the SSO login page and users must retype their password. SAML is much more powerful than this, and it would be great if iDP-initiated sign-in were as seamless as it is most places. Thanks!