This is a Qlik/SAML implementation with a custom solution. The IDP sends a POST response to Qlik, Qlik parses the response, creates a session, and sets the cookie. The cookie appears in the POST response headers, but in the 302 redirect to the Qlik Hub, the cookie is not present in the request headers.

Does anyone have any idea why when Qlik redirects to the hub after a successful POST, the Qlik session cookie is not getting passed through? The top picture shows the 302 POST where the Cookie gets set, but the redirect to /sso/hub GET does not retain the cookie.