Reputation: 31
I have a Rails 8 application where I'm currently using OmniAuth + Devise to handle SSO with Microsoft.
I also want to allow a logged-in user to perform a separate authorization of a Microsoft app registration for offline access. I don't want to have to ask for full access to everything this app wants just for SSO, nor do I want using SSO to be a requirement for authorizing the app to access their Microsoft account.
It appears that using the same strategy for SSO with Devise as well as a standalone OAuth flow is problematic. Initially I had a separate app for SSO and another for the more advanced Graph functions, but using a Devise initializer alongside an OmniAuth initializer for the same strategy is resulting in strange behavior.
I'm going to try using a separate strategy, perhaps taken from the sample app at https://github.com/microsoftgraph/msgraph-sample-rubyrailsapp, and see if this prevents collision with Devise, but I'm still unsure of best practices here.
Any tips would be greatly appreciated.
It appears to be impossible to use OmniAuth with Devise while simultaneously using OmniAuth without Devise -- at least, by way of a quick example, I'm unable to use provider :developer (the auth/developer route doesn't work as expected to initiate the Request phase) as long as I have devise :omniauthable in my User model.
I suspect I may have to find a way to convert my SSO to not use Devise; otherwise I need to find a way to initiate the request phase manually.
Upvotes: 0
Views: 31