Giovanni,
I made contact with WSO2 as I had the same problem and they directed me to https://wso2.org/jira/browse/APIMANAGER-2118
It appears that there maybe a bug in the priority of the SAMLSSOAuthentication and Basic Authentication. I followed the points in the above link and modified the APIMHOME/repository/conf/security/authenticators.xml and changed the priority for SAMLSSO from 10 to 0
I am now able to move between store/publisher and also carbon for API Manager, Identity Server also BAM.
Hope this helps
Carl.