According to the network traffic, I am being properly redirected to my IdP (Okta, in this case) and back to wordpress. The SAML response is present in the response and the correct user data is there.
What seems to be happening is that when I get back to wordpress the wp_authenticate hook is not being triggered (or run at all) and so the plugin never processes the SAML response. When I set the post back URL to wp-admin it creates an infinite SSO loop.
Has anyone experienced this? I would love to hear from the developer.