>> SSO Login URL (supplied by identity provider) <-- What should I put here?
That would be `SingleSignOnService Binding` from your IDP's metadata. Start with HTTP-Redirect one.
>> Certificate (supplied by identity provider) <--- What certificate is it?
Signing cert. You can either get it from metadata as you stated or from file system. Inside chroot Gluu Server container --> `/etc/certs/idp-signing.crt`
>> Attributes: Display Name, Email, First Name, Last Name, Organization, Picture URL, User Permission, - Username
That depends on SP, whichever attribute they require. I would start with simpler one like Username, Email, First Name and Last Name.
>> In Leapsome I used
If it's SP initiated SSO, you should start from SP SSO link, not IDP. Something like [this](https://www.youtube.com/watch?v=IHUdZmw7oug&ab_channel=MohibZico)