You can make use of OpenAM as IDP which is open source, I believe.
Following are easy to implement steps for enabling SSO in Pega.
1. Download the OpenAM-13.0.0 file from ForgeRock 2. deploy the WAR file in PRPC. 3. Create COT, Identity providers and service provider instances and then create Subjects(Users) 4. In the COT level or IDP level do the mapping. 5. Import the IDP metadata 6. In PRPC create a Authentication service and in the mapping tab do the mapping of IDP attributes with PRPC attributs. 7. Save it and access prpc with sso url. 8. Provide the credentials of any subject(operator) of IDP, request goes to IDP and authenticate and redirect to the PRPC(If operator is not there in the PRPC then based on the auth service tab mappings it will create operator using Model Operator of the passed values) https://pdn.pega.com/single-sign