I have been reading through the forums and it seems a constant request is for alternative authentication methods to Zoho and Creator applications in Zoho.  I am in no way an expert in any of these matters.  I was just sitting here thinking about the question as a whole.

     For a corporate user of an application I can see where logging in to Zoho direct is a requirement of the services.  However, isn't it possible to have these actions done via the client server system?  As in, if you are accessing via a website, couldn't the submitted request be verified and truncated per the login criteria on the web server side rather than looking for the functionality on Zoho?  Or if it is a client record of a company being accessed by the client, couldn't you write a server side script that pulls their specific record, say based off the associated login info, and displays that as the "landing page" for clients.  I would think from there you would be restricting access to the sub webpages based on auth anyways so they wouldn't be able to access webpages with certain forms embedded in them.  

    For domain login credentials, can't you do domain mapping of the addys in question?  I know we used to do something similar with our domain hosting services.  So on the client domain side, they would login as usual with a map to the associated Zoho account.  This would have those credentials stored for login to the Zoho services.  Then using SAML securely login to your Zoho services?  

     Also, if Zoho is able to do Mail Hosting for your domain, why wouldn't they be able to use those same records for authentication to the applications?  

     I'm new and it has been forever since I've coded anything, but I'm getting back into it and using Zoho as the platform.  So I could just be way off here.  Thank you,

John