When configuring SAML single sign-on, if the user uses URLs like https://id.atlassian.com, https://start.atlassian.com, and https://example.atlassian.net, this will allow people added to the identity provider to log-in via IDP-initiated log-in to Atlassian products and the account.

However, if the https://trello.com URL is used as the relay state, this will not authenticate the user to Trello and will require the account to use the Log-in flow, even though it is already authenticated to the Atlassian account.

Suggestion

This is a suggestion to allow https://trello.com to be used as the relay state, automatically authenticating accounts, as it would happen with https://id.atlassian.com

Workaround

Add the following URL to the Relay state configuration of the identity provider:

https://trello.com/ensureSession

This will automatically log the user to Trello.