When users access ALM -which is SSO enabled- using ALM Client Launcher, they have to type 2 times their credentials: first time the ALM credentials, second time the IdP credentials.
This is not the case when they connect to ALM using Internet Explorer. In that case, SSO authentication passes without having to type the credentials again.
As per RnD confirmation, this is due to currently SSO authentication cookies cannot be passed across process boundary, since AlmClientLauncher.exe runs in its own process, thus it cannot access cookies in IE, this is by design now.
Avoiding double login is far more user friendly and supports the real idea of Single Sign On. Compared to the use of Internet Explorer, using ALM Client Launcher is a big step back in terms of SSO based authentication
First of all, please confirm whether the use case is like below,
If this is the case, and IE is the default browser, then the user doesn't need to type 2 times their credentials to start ALM Client Launcher. Please check whether IE is the default browser on the machine.