Hi @Raj909 -
Actually what you asking for is possible with ZIA. It’s true that authenticating against two different SAML IDPs is not currently possible with ZIA. However it is possible to use one IDP for authentication and a different IDP (such as LDAP/SCIM) for provisioning in the same ZIA account.
In your case ADFS for SAML Auth, AzureAD for SCIM provisioning
Be mindful that the NameID used for SAML auth must match the NameID provisioned by SCIM for this to work. Also be aware that if you leave ADFS auto-provisioning as enabled it will overwrite SCIM provisioned attributes which could lead to duplication or unnecessary userDB writes.
Certainly would recommend testing in a non-prod / Beta environment first before rolling out into prod. Work with your Zscaler team to get a non-prod / Beta account if you don’t have one already.