Enable automatic end user redirection to identiy provider when encountering a 403 response

[EBNull]

Currently when I visit a protected subdomain without being logged in, or when logged in but without authorization, a 403 page is returned. I'd like to be automatically redirected to the configured identity provider (I use openid / oauth2) instead.