We want to use discourse in an unusual scenario where we have 400+ different IdP instances with one central discourse instance as the SP. We initiate SSO from these 400+ portal pages by redirecting to /session/sso, which will redirect to the one configured “sso url”. It would be nice if we could specify the IdP URL in this request, possibly with a whitelist in Discourse.
We currently work around this by querying the /session/sso endpoint server side, extract the Location header of the redirect, and perform the redirect manually.