Exchange 2019 OWA Claim-based Authentication

We developed our own Security Token Service to use claim based authentication on OWA Exchange Server. In our implementation, OWA successfully redirects to our STS, STS performs multi-factor authentication, creates security token complying with WS-Federation and redirects back to OWA.

On OWA, the security token is verified successfully and the account on the Active Directory is verified.

Unfortunately, at the last step OWA enters a redirect loop which ends with an error code 0x80070057 in the Windows Event Log.

What could be causing this?

TIA.