Instead of redirecting to "signOnUrl" my app redirects to the same login.aspx (start page) and I see Access Denied error. I use Pingfederate as Identity Provider. I have the following section in my web.config. I checked all the urls and they are available.
<sustainsys.saml2 entityId="..." returnUrl="..." authenticateRequestSigningBehavior="Never">
<nameIdPolicy allowCreate="true" format="Unspecified" />
<requestedAuthnContext classRef="Password" comparison="Minimum" />
<identityProviders>
<add entityId="[metadata url]" signOnUrl="[soo endpoint]" allowUnsolicitedAuthnResponse="true" binding="HttpRedirect" wantAuthnRequestsSigned="False">
<signingCertificate storeName="My" storeLocation="LocalMachine" findValue="[correct thumbprint]" x509FindType="FindByThumbprint" />
</add>
</identityProviders>
</sustainsys.saml2>