Does anyone have samples or can point to more information as to how to go about this?
I don't think there is any reasonable way to authenticate to Alfresco ReST API via SAML apart from actually, temporarily leaving your application and redirecting the browser through the authentication handshake. I would certainly know how to achieve a clean integration without temporary redirects (after the initial user authentication in the React app), but that would require using a central authentication system (Keycloak) which federates authentications (including dealing with SAML), and having a unified user base across both the React app and Alfresco. Then the React app could just fetch an OIDC access token within the already established Keycloak session, and access Alfresco, all with just plain ReST (both Keycloak and Alfresco) and without redirects.
OK, I feared something like that :-)
Perhaps another way to go would be to authenticate using basic authentication with some "service user" account. But then, would it be possible to somehow check the authorizations the logged in user has in Alfresco?