There are some challenges with making that approach work - it depends on whether your IdP allows authentication within an iframe, which it may not. SAML is an OK, but not great, technology for this sort of embedding. It's not really the problem it was designed to solve.
I'd recommend that you do a proof-of-concept very early on in your project to make sure you've got a setup that solves the problem you're after.
As far as your original question is concerned, I don't want to provide recommendations, but I am aware of people successfully integrating the Elastic Stack with the IdPs below. Some of those proved to be easier than others.
- Azure AD
- Google GSuite
There are probably some others that I was told about but accidentally left off the list, and there would definitely be others that I'm simply not aware of.
In terms of deciding on which IdP to use, I would suggest you start with the following questions:
- Do you want to run it on your own servers, or use a hosted solution?
- What user repositories do you want it to integrate with (AD, LDAP, or have the IdP use its own internal user store)?
- What sort of authentication mechanisms do you need? Just a simple username+password, or MFA, or TLS certificates?
- Do you want additional authentication controls (IP filtering, time of day restrictions)?
- How do you want to control access rights - both to gain access to the Elastic Stack, and to grant roles inside Elasticsearch (e.g. retrieve groups from LDAP, assign roles manually in the IdP)?
- Do you want to use this same IdP with additional applications?
In my experience IdPs that do less are easier to configure and work with, so if you pick an IdP that has lots of features that you don't need, you'll pay for that in complexity without getting any value from it.
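For the iframe concern raised in the post above, a proof-of-concept can start by inspecting the response headers on the IdP's login page. The following is an added example, not part of the original post: it applies simplified `X-Frame-Options` and CSP `frame-ancestors` rules to a header set. The host names and sample headers are constructed, and ports, source paths and nested frames are not modelled.

```python
from urllib.parse import urlsplit

IDP = "https://idp.example.test/saml/login"    # constructed IdP login URL
EMB = "https://kibana.example.test/app/home"   # constructed embedding page

def _origin(url):
    p = urlsplit(url)
    return f"{p.scheme}://{p.netloc}".lower()

def _source_matches(src, emb, idp):
    """Simplified CSP source match; 'none' falls through and never matches."""
    src = src.lower().rstrip("/")
    if src in ("*", "'self'"):
        return src == "*" or emb == idp
    if src.endswith(":"):                       # scheme-source, e.g. https:
        return emb.startswith(src)
    scheme, _, host = src.rpartition("://")
    e_scheme, _, e_host = emb.partition("://")
    host_ok = e_host.endswith(host[1:]) if host.startswith("*.") else host == e_host
    return host_ok and scheme in ("", e_scheme)

def framing_allowed(headers, idp_url=IDP, embedder_url=EMB):
    """Return (allowed, reason) for a single-level iframe of idp_url."""
    h = {k.lower(): v for k, v in headers.items()}
    idp, emb = _origin(idp_url), _origin(embedder_url)
    seen = False
    for policy in h.get("content-security-policy", "").split(","):
        for directive in policy.split(";"):
            parts = directive.split()
            if parts and parts[0].lower() == "frame-ancestors":
                seen = True                     # every policy must allow the embedder
                if not any(_source_matches(s, emb, idp) for s in parts[1:]):
                    return False, "blocked by CSP frame-ancestors: " + " ".join(parts[1:])
    if seen:                                    # frame-ancestors overrides X-Frame-Options
        return True, "allowed by CSP frame-ancestors"
    xfo = h.get("x-frame-options", "").strip().upper()
    if xfo == "DENY" or (xfo == "SAMEORIGIN" and emb != idp):
        return False, "blocked by X-Frame-Options: " + xfo
    return True, "no framing restriction in these headers"

SAMPLES = {  # constructed header sets, not captured from any real IdP
    "xfo-deny": {"X-Frame-Options": "DENY"},
    "csp-allowlist": {"X-Frame-Options": "DENY", "Content-Security-Policy":
                      "default-src 'self'; frame-ancestors https://kibana.example.test"},
    "csp-self": {"Content-Security-Policy": "frame-ancestors 'self'"},
}
if __name__ == "__main__":
    for name, hdrs in SAMPLES.items():
        print(name, framing_allowed(hdrs))
```

A header set that passes this check only shows the login page can render in the frame; session cookies and the SAML redirect flow still need to be exercised in the real proof-of-concept.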