Sorry, I missed that.
As part of SP-initiated SSO, the RedirectUri is saved at the time of the challenge.
When the SAML response is received, we check for this saved RedirectUri.
If none is present and this is IdP-initiated SSO, the code you described is executed to pick up the URI from the relay state, if any.
For SP-initiated SSO, the relay state shouldn't be used. Instead, the RedirectUri from the challenge is used.
I believe that redirecting to /Account/ExternalLogin?handler=Callback is correct.
Where did you get the relay state (/api/values) you mentioned?