Setting up SSO from Salesforce to Salesforce
Salesforce can act as both an Identity Provider and a Service Provider.
That means you can either use it to log in to multiple services (identifying the user with the same username and password), or use different software to log in to Salesforce as part of other services.
A great use case for this is when you have multiple Salesforce orgs and one org to control them all.
One org acts as the Identity Provider (IDP) and the second org is used as the Service Provider org (SPO).
- Set up the org as IDP – enable Identity Provider in the IDP org
- Create a certificate to be used by the IDP
- Set up the Service Provider org (SPO)
- Enter a Remote Site for the IDP org's My Domain URL
- Enable Single Sign-On
- Enter the Single Sign-On details from the certificate (upload the certificate)
- Create a Connected App in the IDP with the Login URL and Start URL from the SPO org
- Manage App – assign to profiles
- Manage My Domain on the SPO => authenticate via the IDP org
- Set a Federation ID on each user – it should match for the same user across all orgs
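
An added example for the last step (not part of the original post): a Python check that compares user exports from the two orgs and flags Federation IDs that are blank, differ only in case, or have no counterpart in the IDP org. The CSV layout and sample rows are constructed; the columns are the standard User fields Username, FederationIdentifier and IsActive, and exact, case-sensitive matching is assumed.

```python
import csv
import io

# Constructed sample exports of the User object from each org (not real data).
# Assumption: columns are Username, FederationIdentifier, IsActive.
IDP_EXPORT = """\
Username,FederationIdentifier,IsActive
alice@idp.example,alice@corp.example,true
bob@idp.example,bob@corp.example,true
carol@idp.example,Carol@corp.example,true
dave@idp.example,,true
"""
SPO_EXPORT = """\
Username,FederationIdentifier,IsActive
alice@spo.example,alice@corp.example,true
bob@spo.example,,true
carol@spo.example,carol@corp.example,true
erin@spo.example,erin@corp.example,true
frank@spo.example,frank@corp.example,false
"""

def load_active(csv_text):
    """Return ({federation_id: username}, [usernames without one]) for active users."""
    ids, missing = {}, []
    for row in csv.DictReader(io.StringIO(csv_text)):
        if row["IsActive"].strip().lower() != "true":
            continue  # inactive users cannot log in, so skip them
        fed = row["FederationIdentifier"].strip()
        if fed:
            ids[fed] = row["Username"]
        else:
            missing.append(row["Username"])
    return ids, missing

def audit(idp_csv, spo_csv):
    """Flag SPO users whose Federation ID will not match an IDP user exactly."""
    idp_ids, idp_missing = load_active(idp_csv)
    spo_ids, spo_missing = load_active(spo_csv)
    idp_folded = {fed.lower(): fed for fed in idp_ids}
    report = {"missing_in_idp": idp_missing, "missing_in_spo": spo_missing,
              "case_mismatch": [], "no_idp_user": []}
    for fed, user in spo_ids.items():
        if fed in idp_ids:
            continue  # exact match: SSO can map this user
        if fed.lower() in idp_folded:
            report["case_mismatch"].append((user, fed, idp_folded[fed.lower()]))
        else:
            report["no_idp_user"].append((user, fed))
    return report
```

Calling `audit(IDP_EXPORT, SPO_EXPORT)` returns a dictionary with one list per finding type; an empty list everywhere means every active SPO user has an exactly matching Federation ID in the IDP org.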