I have an SP-initiated .net core 3.1 application that uses itfoxtec for the SAML authentication. The code has been implemented pretty much verbatim from the itfoxtec Git samples. It has been tested and implemented into Production, and now we have a couple random users that are encountering an endless loop during the assertionconsumerservice process. This was never encountered during testing and I am not able to repeat it myself, which makes it very difficult to diagnose and fix. Based on my investigations this appears to be a session authentication issue between the IDP and the internal SAML session – the IDP says the session is valid while the internal session says its not so they keep looping (I may not have the terminology quite right).