When using Microsoft Azure AD Application Proxy to publish the PI Vision site externally. We are requiring 2FA to access the PI Vision site. What we're finding if a user bookmarks a PI Vision site, the Azure AD, by design, truncates the PI Vision paths after the # symbol upon a brand new browser window.

https://docs.microsoft.com/en-us/answers/questions/23558/azure-application-proxy-relaystate-uri-getting-tru.html
The workaround as described in Microsoft's article would be to:

change PI Vision, so that it authenticates first with the base application before making these calls using javascript, or

to change PI Vision to append the URL fragment to the redirect once the redirects are done