One you have a business relationship with. You can sign up for a paid account with google or Microsoft. Use your own domain. Disable what ever adware options you’d like, and use that as your identity provider.
While you can roll your own, many services if they even support custom saml federation only do so for enterprise customers. You’re much more likely to find useful federated services with google or MS.