I am doing a Project and it is interesting project :
Project is :

I have registered a Web API and a Client Application. The authentication works.

I have a C# multi-tenant Azure Function App in Tenant A that uses Microsoft Identity Platform for authentication. It has been granted Application-level Microsoft Graph permissions (Directory.Read.All) in both Tenant A and Tenant B. With a client secret credential, I can successfully retrieve a list of users from both Tenant A and Tenant B, whether the function is running locally or deployed in the cloud.

I am trying to setup SSO for a third party SAAS application, as per the existing setup we have a two tenant architecture, one tenant for prod and one tenant for non prod. But the problem is third party SAAS application only supports one IDP at a time. What are the possible options available for me to setup SSO in this scenario? eg. b2b, cross tenant sync, entitlement etc and which would be the best option given the number of users would be between 10-20.

I am trying to setup SSO for a third party SAAS application, as per the existing setup we have a two tenant architecture, one tenant for prod and one tenant for non prod. But the problem is third party SAAS application only supports one IDP at a time. What are the possible options available for me to setup SSO in this scenario? eg. b2b, cross tenant sync, entitlement etc and which would be the best option given the number of users would be between 10-20.