Regular Web App (using SAML)
In this scenario you have a traditional web application which needs to authenticate users using SAML2. The end result of the SAML flow after a user has successfully authenticated is a POST of the SAML Response (which contains SAML Assertions about the user) to a server-side endpoint (aka callback) in the Client. The Client therefore needs some SAML library that can process that response, validate the user, and create a local login session, which usually stored using one or more cookies.
Note: In this scenario an Access Token is also returned but it is rarely used since their is no API involved against which the user needs to be authenticated.
The following is a list of articles on this website which will help you to implement this scenario: