You have successfully set up SAML SSO so that your users can login to a application without a password. In your landscape, corporate identity provider (eg, Azure AD) acts as an Identity Provider and IAS act as proxy system.
Now you found users get a prompt to enter their email address on IAS page every 3 months and cookie responsible for this (issued by SAP IAS named authIdentifiedData) expires three months after its creation.
SAP Cloud Platform Identity Authentication Service
This cookie authIdentifiedData is related conditional authentication.
Document Configure Conditional Authentication for an Application has been followed.
The authIdentifiedData cookie validity is 3 months (in the documentation it is named as persistent cookie)
Identity Authentication stores the user identifier in a persistent cookie in the browser. The persistent cookie expires in three months.
Cookie, authIdentifiedData, expires after 3 months , KBA , BC-IAM-IDS , Identity Authentication Service , Problem