Currently, if the option to auto-provision users is not selected, and an unprovisioned user attempts to authenticated via SAML, they are redirected to the homepage.
This is problematic because in many cases, the homepage contains protected content and the user might get a generic access denied message, or even caught in an endless redirect loop for site that are configured to redirect 403 pages for unauthenticated users to SAML. The user also gets no additional information about why they weren't able to log in (related: #2296093: User not seeing the "Not yet entitled to access the site" → )
I think many sites could benefit from this redirect page being configurable. Patch to follow.
3.0
Code
Not all content is available!
It's likely this issue predates Contrib.social: some issue and comment data are missing.