I think you could do that. I already tried that and my current problem for now. is I’m not able to authenticate users on my SPA application, even thought the saml2 flow authentication was successfully applied between SP and the IDP (bot are Okta orgs). becaouse I’m reliing on the Okta cookies and they fails to be created.
More details are here