3.1.5.6 Processing Authentication Server Redirect Messages

On receiving an Authentication Server Redirect message, the client MUST retry the sign-in request by sending an exact duplicate of the most recently sent Sign-in Request message stored in Last Sign-in Request to the indicated URL. This duplicate MUST be retrieved from the client's stored state, as specified in section 3.1.1.