Users accessing WSS with explicit Access method
SAML authentication enabled with cookie surrogates
When attempting to download extensions, it appears to start to download but then users see the following pop up message. Our WSS policy is configured to allow access to chrome.google.com site and category
Application does not like redirects during extension download. Through a combination of whitelisting sites that triggered 307 redirects for SAML, and bypassing SSL interception, we got this to work.
Explicit access method
SAML authentication enabled for users
Made following combination of changes to allow extensions to download to clients:
HAR files can be used to see what sites we are triggering 307 redirects to, and then whitelist these from authentication
The HTTP logs can be used to determine which SSL sites are being intercepted during download, and added to SSL intercept bypass list.