Single Sign-on allows you to create external identity provider applications. An external identity provider application represents an external identity provider that Single Sign-on uses to verify the user accounts. By default, Single Sign-on uses the Advanced Authentication repository that you have configured. If you do not want to use the Advanced Authentication repository, you can create an external identity provider application to use to verify the user accounts.
The requirements for creating an external identity provider are:
Obtain the metadata configuration information from the service that you want to be the identity provider. For example, you can use Google as your external identity provider instead of Advanced Authentication.
Ensure that Advanced Authentication is configured and running. Single Sign-on automatically creates events for the external identity provider in the Advanced Authentication, then you must create a chain with the proper event selected.