Page URL usage is infinitely looping SSO step (using SAML module)

Hi, we recently tried to replace the DeepLink module with the built-in page URL/microflow URL feature after upgrading to 10.18.4. As we're using SAML for SSO auth, I also upgraded to SAML 4.0.1.

But now, after removing all legacy evidence of the old DeepLink module and modifying the page prefix and index.html/index3.html according to the documentation, something strange is happening: when using an actual URL to a page (like ./link/mypage), the SSO step ends up in an infinite loop. So this infinite loop is only caused when using a page URL; logging on to the standard landing page without a page URL reference is working fine, no SSO loop. All good.

Some details:

index.html is "DefaultLoginPage", index3.html is "SSOLandingPage".

index.html contains these recommended 2 lines inside script tags:

const returnURL = encodeURIComponent(window.location.search+window.location.hash);
self.location = '/SSO/login?cont='+returnURL;

(No further lines in that file forward to /SSO/.) Also, the general structure of this file is related to "login-with-mendixsso-automatically.html", as recommended in the SAML docs.

index3.html does not contain any forwarding to /SSO/. I mean, it's actually working well for app access attempts without using page URLs.

SAMLConfig.properties content:

sso.path=SSO/
sso.discovery.allowed=true
sso.discovery.redirectToFirstIdP=true
sso.principalvalue.tolowercase = true

The environment is set to SameSiteCookies = Lax (tried with "None", too). Normal SSO auth is working, as already said. For testing, I removed any role-based landing pages; that did not help.

When deliberately using a page URL that does not actually exist, the browser gives a "file not found" error, as expected. That loop only happens when using a valid/existing page URL parameter. So at least the mdx engine is getting to validate the parameter against the available pages that have been set up with a URL in MDX Studio.

It seems like the authenticated session after the actual SSO part is not forwarded back to the SAML module that normally would pass it over to index3.html. Result: a new SSO action step seems necessary = loop. But that's an assumption only.

Starting to log on to the app (including the page URL) by using <appURL>/link/myPage
-> getting forwarded to <appURL>/SSO/ -> successful authentication
-> getting forwarded to URL: <appURL>/SSO/login?cont=link%2FmyPage
-> forward to SSO (again)
-> getting back to URL: <appURL>/SSO/login?cont=link%2FmyPage
... loop.

Any ideas what setting is causing this?
asked
2 answers

Please check the question below for the same issue.


Mendix Community - Question Details

answered

My solution for this topic was using the following as index.html content: 


<!doctype html>
<html>
    <head>
        {{unsupportedbrowser}}
        <meta charset="utf-8">
        <title>AppName</title>
        <meta name="viewport" content="width=device-width, initial-scale=1">
        {{themecss}}
        {{appicons}}
        {{manifest}}
        {{startupimages}}
    </head>
    <body dir="ltr">
        <noscript>To use this application, please enable JavaScript.</noscript>
        <div id="content"></div>
        <script>
            dojoConfig = {
                isDebug: false,
                useCustomLogger: true,
                async: true,
                baseUrl: "mxclientsystem/dojo/",
                cacheBust: "{{cachebust}}",
                rtlRedirect: "index-rtl.html"
            };
        </script>
        <script>
            // Redirect to SSO only when no originURI cookie exists yet. On the
            // return trip the cookie is present, so the Mendix client loads
            // instead of bouncing to /SSO/login again.
            if (!document.cookie || !document.cookie.match(/(^|;) *originURI=/gi)) {
                const url = new URL(window.location.href);
                // subPath is computed here but not used further below.
                const subPath = url.pathname.substring(0, url.pathname.lastIndexOf("/"));
                document.cookie = "originURI=/SSO/" + (window.location.protocol === "https:" ? ";SameSite=None;Secure" : "");

                // Only query string and hash go into cont, so the return target stays relative.
                const returnURL = encodeURIComponent(window.location.search+window.location.hash);
                self.location = '/SSO/login?cont='+returnURL;
            }
        </script>
        <script src="mxclientsystem/mxui/mxui.js?{{cachebust}}"></script>
    </body>
</html>


answered
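To make the redirect loop from the question and the effect of the originURI cookie guard in the answer above reproducible offline, here is an added model (not code from the question, the answer, or the Mendix SAML module): the landing page and the SSO endpoint are pure functions, the SSO stub simply sends the browser back to the landing page with the cont value restored as the query string (an assumption about the round trip, not the module's real behaviour), and the start URL is constructed.

```javascript
// Added example: models the landing-page / SSO round trip described in the
// question so the loop can be reproduced and the cookie guard verified.

// Same expression as the recommended index.html lines: only search + hash go
// into cont, never a host, so cont cannot point off-site.
function buildLoginUrl(loc) {
  return "/SSO/login?cont=" + encodeURIComponent(loc.search + loc.hash);
}

// Landing page without a guard: every load redirects to /SSO/login.
function landingUnguarded(loc, cookie) {
  return { next: buildLoginUrl(loc), cookie };
}

// Landing page with the answer's guard: redirect once, then load the client.
function landingGuarded(loc, cookie) {
  if (/(^|;) *originURI=/i.test(cookie)) return { next: null, cookie };
  return { next: buildLoginUrl(loc), cookie: "originURI=/SSO/" };
}

// Stand-in SSO endpoint (assumption): after "login", return to the landing
// page carrying the decoded cont value as the query string and hash.
function ssoStub(loginUrl) {
  const u = new URL(loginUrl, "https://app.invalid");
  return "/index.html" + (u.searchParams.get("cont") || "");
}

// Split a path into the pieces window.location would expose.
function toLoc(path) {
  const u = new URL(path, "https://app.invalid");
  return { pathname: u.pathname, search: u.search, hash: u.hash };
}

// Drive the browser through the chain; stop when the client loads or when a
// redirect target repeats (the loop the question describes).
function simulate(landing, startPath, maxHops = 8) {
  const seen = new Set();
  let path = startPath;
  let cookie = "";
  for (let hop = 0; hop < maxHops; hop++) {
    const r = landing(toLoc(path), cookie);
    cookie = r.cookie;
    if (r.next === null) return { looped: false, hops: hop };
    if (seen.has(r.next)) return { looped: true, hops: hop };
    seen.add(r.next);
    path = ssoStub(r.next); // SSO sends us back to the landing page
  }
  return { looped: true, hops: maxHops };
}
```

Running simulate with landingUnguarded on a constructed start path such as /index.html?page=myPage reports a loop after one round trip, while landingGuarded loads the client on the second visit.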