The app uses an embedded browser to authenticate when logging in with a SAML account, but based on user experience, it would be better go through external browsers or either provide an option to set a third-party default browser (IE or Safari, depending on the OS).

Use case example: A group of users uses Duo for 2FA in front of SAML, but the embedded browser inside the app isn't recognized by Duo as an up-to-date browser. This ends up triggering an error to the end user saying that "the software is out of date".