Connecting IdP
To support applications that cannot be covered by reverse-proxy based technologies, we use identity federation standards, particularly SAML.
For this purpose, we connect a locally installed broker with a dedicated cloud tenant, which serves as the Identity Provider (IdP), referred to as the Identity Dispatcher (IdD) later in this document.
The role of the aforementioned IdD is to expose the SAML interface to the applications that will use it, while simultaneously not exposing the currently used system that provides user identities.
[...]