...
An identity provider performs the authentication that the end user is who they say they are and sends that data to the service provider along with the user’s access rights for the service.
Microsoft Active Directory or Azure are common DualShield SSO is an identity providers. , and Salesforce and other CRM solutions are usually service providers, in that they depend on an identity provider for user authentication.
...
In a SAML verification process, three parties are involved, User, Service Provider and Identity Provider. The diagrams below illustrate the relationship between them and the data flow.
What is a SAML Metadata
...