Hi Amdadul,

The Multi-Provider SSO feature allows organizations to use several SSO identity providers (IdPs) to manage authentication as well as retain local database (basic) authentication.

The integration supports any combination of local and external authentication methods on a single instance:

• LDAP
• SAML 2.0
• Digest Authentication
• Local database authentication

For example, a globally dispersed corporation might require one SSO provider for their employees, a different one for their vendors, and local database authentication for their administrators. Alternatively, a company might implement SAML 2.0 and a digest token authentication solutions on the same instance.

• Multi-Provider SSO properties, tables, and scriptsThe Integration - Multiple Provider Single Sign-On Installer plugin includes the following system properties, tables, and scripts.
• Activate Multi-Provider SSO pluginThis integration requires the Integration - Multiple Provider Single Sign-On Installer plugin.
• Set up Multi-Provider SSOYou must perform several steps to set up Multi-Provider SSO, including configuring properties, creating identity providers (IdPs), and configuring users to use SSO.
• Changes to SAML 2.0 and digest token configurationMultiple provider single sign-on allows administrators to configure SAML 2.0 Update 1 and digest token as authentication methods.

SAML 2.0 single sign-on (SSO) supports integration with Microsoft Active Directory Federation Services (ADFS) 3.0. For information about installing and configuring ADFS, see Active Directory Federation Services Overview.

• Set up ADFS for SAMLThis procedure uses ADFS 2.0 and shows samportal.example.com as the ADFS website. Replace this with your ADFS website address.
• Set up the instance for ADFSAfter you set up ADFS 2.0 or 3.0, set up the instance and SAML 2.0 settings to work with ADFS.
• Configure an ADFS relying partyAt this point you can take the instance metadata and import it into your ADFS server. However, manual configuration of the relying party appears to be easier to implement.
• Configure ADFS relying party claim rulesEdit the Claim rules to enable proper communication with the instance.
• Create a SAML logout endpointCreate a SAML logout endpoint to allow single logout.
• Test the ADFS configurationTest your ADFS configuration to verify that it is properly functioning as an identity provider.
• (Workaround) Enable service provider-initiated authenticationA workaround is available if authentication fails because you do not have SAML 2.0 Update 1. This can happen if users attempt to skip IdP authentication and navigate directly to the instance.
• (Workaround) Support Kerberos authenticationA workaround is available for the SAML 2.0 integration that changes the authentication context from forms-based authentication to Windows-based authentication.

To add further, you can refer to this video "How to Configure ADFS 2.0 to Communicate with SAML 2.0". The video was demonstrated on Fuji, but it can be used as a reference.

Source: Link