Thanks for the update. I think the IdP needs to provide more information. I suggest asking them the following questions.
In this environment, you most likely don’t want the IdP to persist its authentication session when the browser is closed. Can the IdP use a session cookie for the authentication so closing the browser logs out the user?
Does the IdP support the ForceAuthn flag? If so, the user should be prompted to login even if someone else is still logged in.
Does the IdP support SLO and will this cause the user to be logged out?