Hello
That's correct, in the current context of Hyland IdP being sp-initiated, a seamless or "auto-login" experience is possible if the SAML provider supports it.
To answer your question, in terms of IdP-Initiated SAML, the Hyland IdP is actively being developed to support this. However, most SAML providers provide the option to use SP-initiated SAML via portal.
For example, The Entra “My Apps” portal is essentially bookmarks for users to access commonly used apps. Some customers may choose to place a link to the OnBase Web Client in the “My Apps” portal. By default, accessing these links will attempt to IdP-Initiated authentication which the Hyland IdP currently does not support.
As a workaround, Entra can be configured to use SP-Initiated authentication from the “My Apps” portal which is supported by the Hyland IdP.
To configure this, the Sign On URL needs to be set to the Web Client URL. For example:
