Internal Documentation protection

I have used custom login to authenticate our end users from global landing page. Now I also have enabled protection for internal documentation with protection type as project members only.

I want my end users post login to get redirected to internal documents/pages had they bookmarked those. However despite my IDP sends in this way https://domain.readme.io/internalpage?auth_token=JWT

readme is still making user to relogin again. So my questions are as below.

if ProtectionType is project members only, are those pages visible only for teammates but not the end users?
if I change protection type to custom login, what custom login uri should I give? as I might have multiple internal pages to get redirected.