We've successfully enabled Single Sign On with Azure AD and SAML 2.0. 

We'd like to know if there are any best practices for bypassing the SSO check for certain end user applications. These are external portals for suppliers and other organizations.

The only thing I can think of right now is cloning the users application and modify the login actions so it doesn't do the SSO check, and use that as the user provider for the specific app, but there must be better options.. 


When we wanted SSO at application level we used https://www.outsystems.com/forge/component-overview/599/idp component. we can change the login method to use the SSO on application which requires.