We have recently released a new feature that also enables OneLogin to be a SAML Service Provider. Most of our customers are used to viewing OneLogin as a SAML Identity Provider where OneLogin authenticates the user and then signs them into other applications using SAML.
For those whose SAML skills are a little rusty, here is an ultra quick refresher. In SAML land there are two parties; the identity provider and the service provider. The identity provider establishes the identity of the user and then signs them into an application, which is also called the service provider.
The SAML Service Provider feature has already been a tremendous help to several of our customers who use it to integrate with an on-premise identity provider. One customer uses the feature to allow AD-FS to sign users into OneLogin where the user can manually launch from OneLogin. Another customer is using the SAML Service Provider interface to chain SAML responses between identity providers.
In this use case, the customer has moved half of their users from the on-premise identity provider to OneLogin, which now manages the single sign-on for all Salesforce users.
If you want to learn more, download the whitepaper about the SAML Service Provider interface or reach out to us at support@onelogin.com.