By: Kenneth Choi user 29 Nov 2017 at 8:46 p.m. CST

1 Response
I am working on inbound SAML (Gluu as SAML SP, OneLogin as SAML IDP). I followed this document https://gluu.org/docs/ce/authn-guide/inbound-saml-passport/#onboarding-new-idps , but I found that there is no instruction on Gluu's SAML metadata.

For SAML SSO to work:

1. OneLogin IDP must be configured with Gluu SP metadata (the doc does not contain this part)
2. Gluu SP must be configured with OneLogin IDP metadata (the doc contains this part)

Is there something missing in the doc, or did I misunderstand the doc? Thanks

By Arvind Tomar staff 01 Dec 2017 at 7:55 a.m. CST

Hi Kenneth Choi,

> For SAML SSO to work 1. OneLogin IDP must be configured with Gluu SP metadata (the doc does not contain this part) 2. Gluu SP must be configured with OneLogin IDP metadata (the doc contains this part)

You do not need preregistered SP metadata. The gluu-passport server will generate SP metadata for you from the passport-saml-configuration.json file. You need to register that generated metadata with your IDP server.

I think you want to know how to generate metadata and how to register an SP using that metadata in Gluu Server.

For generating metadata for the Gluu Server SP, please check this [point](https://gluu.org/docs/ce/authn-guide/inbound-saml-passport/#gathering-saml-metadata) in the doc.

To know how to register that metadata to the server's Shibboleth, please check this [link](https://gluu.org/docs/ce/admin-guide/saml/#create-a-trust-relationship).

Please check a few points after setup:

1. Gluu Server currently does not support IDP and SP on the same server, so you need two different IDPs, e.g. dev1.gluu.org for OneLogin IDP and dev2.gluu.org for Gluu SP.
2. You need to make sure you have given enough scopes and attributes while creating the OpenID client and registering the TR in Gluu Server's Shibboleth. E.g. you need the openid, profile and username scopes, and need to register the username and email attributes to inbound SAML, for inbound SAML with Passport to work.
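
A check that can be run on the generated SP metadata before it is registered with the IDP, as an added example that is not part of the original thread or Gluu's own code: it extracts the entityID, ACS endpoint and signing certificate and flags gaps. The function name `summarize_sp_metadata` and the sample metadata (entityID, hostname, certificate placeholder) are constructed for illustration.

```python
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

# Constructed sample SP metadata: entityID, hostname and certificate are placeholders.
SAMPLE_SP_METADATA = """<md:EntityDescriptor
    xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
    entityID="urn:example:gluu-sp">
  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>
      <ds:X509Certificate>PLACEHOLDER_BASE64_CERT</ds:X509Certificate>
    </ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
    <md:AssertionConsumerService index="1"
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="https://sp.example.org/callback"/>
  </md:SPSSODescriptor>
</md:EntityDescriptor>"""


def summarize_sp_metadata(xml_text):
    """Hypothetical helper: values to register at the IDP, plus problems found."""
    # Intended for metadata you generated yourself; for metadata received from
    # a third party, parse with a hardened parser such as defusedxml instead.
    root = ET.fromstring(xml_text)
    if root.tag != "{%s}EntityDescriptor" % NS["md"]:
        raise ValueError("root element is not md:EntityDescriptor")
    sp = root.find("md:SPSSODescriptor", NS)
    if sp is None:
        raise ValueError("no SPSSODescriptor: this is not SP metadata")
    acs = [(a.get("Binding"), a.get("Location"))
           for a in sp.findall("md:AssertionConsumerService", NS)]
    cert_path = "md:KeyDescriptor/ds:KeyInfo/ds:X509Data/ds:X509Certificate"
    certs = ["".join(c.text.split()) for c in sp.findall(cert_path, NS) if c.text]
    problems = []
    if not root.get("entityID"):
        problems.append("missing entityID")
    if not acs:
        problems.append("no AssertionConsumerService endpoint")
    problems += ["ACS not HTTPS: %s" % loc for _, loc in acs
                 if not (loc or "").startswith("https://")]
    if not certs:
        problems.append("no X509Certificate: IDP cannot verify signed requests")
    return {"entityID": root.get("entityID"), "acs": acs,
            "certs": certs, "problems": problems}
```
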