diff --git a/CHANGELOG.md b/CHANGELOG.md
index 4fc775d105..10f150df02 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,13 @@
 # Changelog
 
+## 59.3.1 - unreleased
+
+### 🐞 Bug Fixes
+
+* Ensure an unauthorized response from a proxy service endpoint does not prompt the user to refresh
+  and log in again on an SSO-enabled application.
+* Revert change to `Panel` which affected where `className` was applied with `modalSupport` enabled
+
 ## 59.3.0 - 2023-11-09
 
 ### 🎁 New Features
diff --git a/core/exception/ExceptionHandler.ts b/core/exception/ExceptionHandler.ts
index f756c55771..abfe2707ee 100644
--- a/core/exception/ExceptionHandler.ts
+++ b/core/exception/ExceptionHandler.ts
@@ -345,6 +345,7 @@ export class ExceptionHandler {
     // Detect an expired server session for special messaging, but only for requests back to the
     // app's own server on a relative URL (to avoid triggering w/auth failures on remote CORS URLs).
     private sessionExpired(e: HoistException): boolean {
+        if (XH.appSpec.isSSO) return false;
         const {httpStatus, fetchOptions} = e,
             relativeRequest = !fetchOptions?.url?.startsWith('http');
 
diff --git a/desktop/appcontainer/ExceptionDialog.ts b/desktop/appcontainer/ExceptionDialog.ts
index 43027f6d9b..5416cef6e8 100644
--- a/desktop/appcontainer/ExceptionDialog.ts
+++ b/desktop/appcontainer/ExceptionDialog.ts
@@ -90,5 +90,5 @@ export const dismissButton = hoistCmp.factory<ExceptionDialogModel>(({model}) =>
 });
 
 function isSessionExpired(e) {
-    return e?.httpStatus === 401;
+    return !XH.appSpec.isSSO && e?.httpStatus === 401;
 }