...
In the context of web-based single sign-on (SSO) systems, ECP enables a user's web browser to act as a proxy between a relying party (RP) and an identity provider (IDPIdP). The user's browser can perform authentication with the IDP IdP on behalf of the RP, and then relay the SAML assertion to the RP, which can then grant access to the requested resource.
...