SSO via SAML

Hi,

We want to achieve SAML Log in via webMethods as the ESB, where the Identity Provider is maintained on SAP.
It will be very similar to the below blog, except that the HTML5 application will be replaced by webMethods as the ESB.

https://blogs.sap.com/2016/03/21/principal-propagation-between-html5-and-sap-hana-xs-on-sap-hana-cloud-platform/

The user inputs the SSO via the SAML Log in of the ESB and there is a principle propagation to SAP for authentication.

How do we achieve this?
Is my understanding correct on the ESB side?

  1. SAP provides the certificates for wM to configure the Trust Store
  2. Based on the trust store thus created, create a SAML Token Issuer
  3. How do I associate an service in wM, to this SAML token?

Can you please throw some light on this?
Or is there any other easier way to achieve this?

Regards,
Revathi