At this moment, when a user that was previously logged via SSO has their session timed out in accordance with the Authentication Policy Idle session duration value, they are presented with the usual login pop-up: 

Suggestion:

Implement a mechanism that would either:

• Automatically reuse the previous SAML attributes that were provided in the first SSO login, not requiring any extra steps from the end user. 
• Keep stored, and allow the user to log in using the SAML attributes that were used in the first SSO login via a new button in the interface. For example, provide a new option to trigger the SSO authentication flow using the attributes that were already provided previously.