We have 3-legged OAuth working to access the REST API for Confluence Server / Cloud. Unfortunately for our clients using SAML, when we issue the API call to fetch the request token (see https://developer.atlassian.com/cloud/jira/platform/jira-rest-api-oauth-authentication/), our servers receive a 302 redirect to authenticate via SAML.
What is the recommended way to handle REST API calls behind SAML? How unique are the flows depending on SAML provider?
Thanks and apologies in advance as I’m not very familiar with SAML.