The use case is that you have an existing Salesforce account and you want to use it to authenticate against an application.
Note that Salesforce federates using SAML.
Options for doing this:
- Hook up ADFS as the RP (SP in SAML speak) and Salesforce as the IDP using SAML
- I don't believe you can do this with Azure AD. That's because AAD is always the IDP and everything else is the SP. That's how Salesforce out of the SaaS back-end of AAD works, i.e. access via the Access Panel / myapps.
- Use Auth0 as in "SAML : ASP.NET MVC application talking to SAML IDP". In this scenario, you are using the Auth0 Enterprise connection and configuring the SAML parameters similar to the ADFS example.
- Use Auth0, but in this case use Salesforce as in the "Third Party App". Here Auth0 does some of the heavy lifting for you, but the end result is the same.