I am using SAML Java Toolkit to connect OKTA for SSO. My use case is, I want to pass a custom value to OKTA while calling application authentication URL and return the same value when OKTA application redirects to my URL on successful login.
I would suggest to look into usage of
RelayState parameter. You could use it to implement CSRF or to inform SP on the next steps when it receives it back.
Hope this helps!
By using RelayState I am able to retrieve custom data.