The Adobe Admin Console allows a system administrator to configure domains which are used for login via Federated ID for Single Sign-On (SSO). The domain can be configured to allow users to log in to Creative Cloud using email addresses within that domain via an Identity Provider (IdP) once ownership of a domain is demonstrated by use of a DNS token - software installed on a server which is accessible from client workstations, or a cloud service hosted by a third party which allows for the verification of user login details via secure communication using the SAML protocol.
One such IdP is Secure Auth. To use Secure Auth, you need a server that is accessible from the Internet and has access to the directory services within the corporate network. This document describes the process to configure the Admin Console and a Secure Auth server to be able to log in to Adobe Creative Cloud applications and associated websites for Single Sign-On.
If Secure auth admin has not created a realm group, then you can simply advise them to create one using the option 'Create custom realm groups'.