When a user returns from CDSSO authentication, the request contains a list of parameters that were added when the user was authenticated. am_web_remove_authnrequest() removes these extra parameters so the request is forwarded to applications as it originally came from the browser.