What's the proper REST flow for SAML auth with CSRF enabled?
My Jenkins instance has SAML configured with Okta and also has CSRF protection enabled. Currently I am able to authenticate with SAML via the Jenkins GUI. However, I have a service user which communicates via the REST API and I have not stepped into the correct flow which allows this user (which has a valid SAML assertion) to finish the login sequence with Jenkins without a separate means of authentication (user:password or user:apiToken). What is the proper sequence to authenticate via the REST API when I have SAML and CSRF configured?