1.) Create an attribute in the second User Directory with a name that matches the defined "UPN" of the SharePoint Connection, and that contains a value that is the "Unique User Id" of the user.
1.) Create a second SharePoint Connection via the SharePoint Connection Wizard, and define a "UserIdentifier" attribute that is appropriate for the second User Directory.
2.) Create the second Trusted Identity Provider in SharePoint with the newly generated ".PS1" script, modified to use a "separate" Signing Certificate.
Note: Microsoft SharePoint does not allow multiple Trusted Identity Providers to be configured with the same Signing Certificate.
3.) Update the Claims Provider of the new Trusted Identity Provider with the "Update-SMTrustedIdentityTokenIssuer.ps1" script.
4.) Modify the "Users" in each Legacy Resource Partnership within SSO to utilize the appropriate User Directory for the SharePoint Connection.
5.) Select the new Trusted Identity Provider for the Application in the SharePoint Central Admin Console.
6.) Create User Policies in SharePoint for the new Users.
This solution will result in the user being prompted by SharePoint to select the appropriate Trusted Identity Provider (TIP) to perform the Authentication. This is the same prompt a user receives if the Application supports both Windows Authentication and "Claims Authentication".
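
Because SharePoint rejects a second Trusted Identity Provider that reuses a Signing Certificate, it helps to compare the new certificate against the issuers already registered before running the modified ".PS1" script. The following pre-flight check is an added example, not part of the product's scripts. It assumes it is run in the SharePoint Management Shell on a farm server, the `-CertPath` parameter is a hypothetical path to the exported signing certificate, and comparing thumbprints stands in for "same certificate".

```powershell
param(
    [Parameter(Mandatory = $true)]
    [string]$CertPath   # hypothetical: path to the new signing certificate (.cer)
)

# Load the SharePoint cmdlets if the shell has not already done so.
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

# Load the candidate signing certificate for the second Trusted Identity Provider.
$resolved = (Resolve-Path -Path $CertPath).Path
$newCert  = New-Object -TypeName System.Security.Cryptography.X509Certificates.X509Certificate2 -ArgumentList $resolved

# List every Trusted Identity Provider with its signing certificate and claim provider,
# so both the certificate separation and the claim provider assignment are visible.
$issuers = @(Get-SPTrustedIdentityTokenIssuer)
$issuers |
    Select-Object Name, ClaimProviderName,
        @{ Name = 'Thumbprint'; Expression = { $_.SigningCertificate.Thumbprint } },
        @{ Name = 'NotAfter';   Expression = { $_.SigningCertificate.NotAfter } } |
    Format-Table -AutoSize

# Fail if the new certificate is already bound to an existing provider.
$conflicts = @($issuers | Where-Object {
    $_.SigningCertificate -and
    $_.SigningCertificate.Thumbprint -eq $newCert.Thumbprint
})

if ($conflicts.Count -gt 0) {
    $names = ($conflicts | ForEach-Object { $_.Name }) -join ', '
    Write-Error "Certificate $($newCert.Thumbprint) is already used by: $names. Use a separate Signing Certificate."
    exit 1
}

# A certificate outside its validity window will not produce tokens SharePoint trusts.
$now = Get-Date
if ($newCert.NotBefore -gt $now -or $newCert.NotAfter -lt $now) {
    Write-Warning "Certificate $($newCert.Thumbprint) is outside its validity period ($($newCert.NotBefore) to $($newCert.NotAfter))."
}

Write-Output "Certificate $($newCert.Thumbprint) is not in use by any existing Trusted Identity Provider."
```

Running the same listing again after step 3 shows whether the new provider's `ClaimProviderName` was updated as intended.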