diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
index 1451c647f658e..d877fcacd2cdd 100644
--- a/.github/CODEOWNERS
+++ b/.github/CODEOWNERS
@@ -743,7 +743,7 @@ packages/kbn-rule-data-utils @elastic/security-detections-response @elastic/resp
 x-pack/plugins/rule_registry @elastic/response-ops @elastic/obs-ux-management-team
 x-pack/plugins/runtime_fields @elastic/kibana-management
 packages/kbn-safer-lodash-set @elastic/kibana-security
-x-pack/test/security_api_integration/plugins/saml_provider @elastic/kibana-security
+packages/kbn-saml-provider-plugin @elastic/kibana-security
 x-pack/test/plugin_api_integration/plugins/sample_task_plugin @elastic/response-ops
 x-pack/test/task_manager_claimer_update_by_query/plugins/sample_task_plugin_mget @elastic/response-ops
 test/plugin_functional/plugins/saved_object_export_transforms @elastic/kibana-core
diff --git a/package.json b/package.json
index bd48650953021..f6b99101aab36 100644
--- a/package.json
+++ b/package.json
@@ -761,7 +761,7 @@
     "@kbn/rule-registry-plugin": "link:x-pack/plugins/rule_registry",
     "@kbn/runtime-fields-plugin": "link:x-pack/plugins/runtime_fields",
     "@kbn/safer-lodash-set": "link:packages/kbn-safer-lodash-set",
-    "@kbn/saml-provider-plugin": "link:x-pack/test/security_api_integration/plugins/saml_provider",
+    "@kbn/saml-provider-plugin": "link:packages/kbn-saml-provider-plugin",
     "@kbn/sample-task-plugin": "link:x-pack/test/plugin_api_integration/plugins/sample_task_plugin",
     "@kbn/sample-task-plugin-update-by-query": "link:x-pack/test/task_manager_claimer_update_by_query/plugins/sample_task_plugin_mget",
     "@kbn/saved-object-export-transforms-plugin": "link:test/plugin_functional/plugins/saved_object_export_transforms",
diff --git a/packages/kbn-saml-provider-plugin/README.md b/packages/kbn-saml-provider-plugin/README.md
new file mode 100644
index 0000000000000..6456631124c27
--- /dev/null
+++ b/packages/kbn-saml-provider-plugin/README.md
@@ -0,0 +1,3 @@
+# @kbn/saml-provider-plugin
+
+Saml provider plugin for testing purpose
diff --git a/x-pack/test/security_api_integration/packages/helpers/saml/saml_tools.ts b/packages/kbn-saml-provider-plugin/helpers/saml_tools.ts
similarity index 94%
rename from x-pack/test/security_api_integration/packages/helpers/saml/saml_tools.ts
rename to packages/kbn-saml-provider-plugin/helpers/saml_tools.ts
index b1dd8f851caf0..4cb481622f681 100644
--- a/x-pack/test/security_api_integration/packages/helpers/saml/saml_tools.ts
+++ b/packages/kbn-saml-provider-plugin/helpers/saml_tools.ts
@@ -1,8 +1,10 @@
 /*
  * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
- * or more contributor license agreements. Licensed under the Elastic License
- * 2.0; you may not use this file except in compliance with the Elastic License
- * 2.0.
+ * or more contributor license agreements. Licensed under the "Elastic License
+ * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side
+ * Public License v 1"; you may not use this file except in compliance with, at
+ * your election, the "Elastic License 2.0", the "GNU Affero General Public
+ * License v3.0 only", or the "Server Side Public License, v 1".
  */
 
 import crypto from 'crypto';
diff --git a/packages/kbn-saml-provider-plugin/index.ts b/packages/kbn-saml-provider-plugin/index.ts
new file mode 100644
index 0000000000000..39d5330d678ef
--- /dev/null
+++ b/packages/kbn-saml-provider-plugin/index.ts
@@ -0,0 +1,24 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the "Elastic License
+ * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side
+ * Public License v 1"; you may not use this file except in compliance with, at
+ * your election, the "Elastic License 2.0", the "GNU Affero General Public
+ * License v3.0 only", or the "Server Side Public License, v 1".
+ */
+
+import path from 'path';
+
+const resourcesPath = path.resolve(__dirname, 'resources');
+
+export const pluginPath = path.resolve(__dirname);
+
+export const IDP_METADATA_PATHS = {
+  default: path.resolve(pluginPath, 'metadata.xml'),
+  saml1: path.resolve(resourcesPath, 'idp_metadata.xml'),
+  saml2: path.resolve(resourcesPath, 'idp_metadata_2.xml'),
+  neverLogin: path.resolve(resourcesPath, 'idp_metadata_never_login.xml'),
+  mockIdpPlugin: path.resolve(resourcesPath, 'idp_metadata_mock_idp.xml'),
+};
+
+export { getLogoutRequest, getSAMLRequestId, getSAMLResponse } from './helpers/saml_tools';
diff --git a/x-pack/test/security_api_integration/plugins/saml_provider/kibana.jsonc b/packages/kbn-saml-provider-plugin/kibana.jsonc
similarity index 100%
rename from x-pack/test/security_api_integration/plugins/saml_provider/kibana.jsonc
rename to packages/kbn-saml-provider-plugin/kibana.jsonc
diff --git a/x-pack/test/security_api_integration/plugins/saml_provider/metadata.xml b/packages/kbn-saml-provider-plugin/metadata.xml
similarity index 100%
rename from x-pack/test/security_api_integration/plugins/saml_provider/metadata.xml
rename to packages/kbn-saml-provider-plugin/metadata.xml
diff --git a/packages/kbn-saml-provider-plugin/package.json b/packages/kbn-saml-provider-plugin/package.json
new file mode 100644
index 0000000000000..89bf276bc5525
--- /dev/null
+++ b/packages/kbn-saml-provider-plugin/package.json
@@ -0,0 +1,6 @@
+{
+  "name": "@kbn/saml-provider-plugin",
+  "private": true,
+  "version": "1.0.0",
+  "license": "Elastic License 2.0 OR AGPL-3.0-only OR SSPL-1.0"
+}
\ No newline at end of file
diff --git a/x-pack/test/security_api_integration/packages/helpers/saml/idp_metadata.xml b/packages/kbn-saml-provider-plugin/resources/idp_metadata.xml
similarity index 100%
rename from x-pack/test/security_api_integration/packages/helpers/saml/idp_metadata.xml
rename to packages/kbn-saml-provider-plugin/resources/idp_metadata.xml
diff --git a/x-pack/test/security_api_integration/packages/helpers/saml/idp_metadata_2.xml b/packages/kbn-saml-provider-plugin/resources/idp_metadata_2.xml
similarity index 100%
rename from x-pack/test/security_api_integration/packages/helpers/saml/idp_metadata_2.xml
rename to packages/kbn-saml-provider-plugin/resources/idp_metadata_2.xml
diff --git a/x-pack/test/security_api_integration/packages/helpers/saml/idp_metadata_mock_idp.xml b/packages/kbn-saml-provider-plugin/resources/idp_metadata_mock_idp.xml
similarity index 100%
rename from x-pack/test/security_api_integration/packages/helpers/saml/idp_metadata_mock_idp.xml
rename to packages/kbn-saml-provider-plugin/resources/idp_metadata_mock_idp.xml
diff --git a/x-pack/test/security_api_integration/packages/helpers/saml/idp_metadata_never_login.xml b/packages/kbn-saml-provider-plugin/resources/idp_metadata_never_login.xml
similarity index 100%
rename from x-pack/test/security_api_integration/packages/helpers/saml/idp_metadata_never_login.xml
rename to packages/kbn-saml-provider-plugin/resources/idp_metadata_never_login.xml
diff --git a/x-pack/test/security_api_integration/plugins/saml_provider/server/index.ts b/packages/kbn-saml-provider-plugin/server/index.ts
similarity index 60%
rename from x-pack/test/security_api_integration/plugins/saml_provider/server/index.ts
rename to packages/kbn-saml-provider-plugin/server/index.ts
index 865240e32e9f0..30d47b1a6e091 100644
--- a/x-pack/test/security_api_integration/plugins/saml_provider/server/index.ts
+++ b/packages/kbn-saml-provider-plugin/server/index.ts
@@ -1,8 +1,10 @@
 /*
  * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
- * or more contributor license agreements. Licensed under the Elastic License
- * 2.0; you may not use this file except in compliance with the Elastic License
- * 2.0.
+ * or more contributor license agreements. Licensed under the "Elastic License
+ * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side
+ * Public License v 1"; you may not use this file except in compliance with, at
+ * your election, the "Elastic License 2.0", the "GNU Affero General Public
+ * License v3.0 only", or the "Server Side Public License, v 1".
  */
 
 import type { CloudSetup } from '@kbn/cloud-plugin/server';
diff --git a/x-pack/test/security_api_integration/plugins/saml_provider/server/init_routes.ts b/packages/kbn-saml-provider-plugin/server/init_routes.ts
similarity index 87%
rename from x-pack/test/security_api_integration/plugins/saml_provider/server/init_routes.ts
rename to packages/kbn-saml-provider-plugin/server/init_routes.ts
index f9e84caca0531..2d22cb136ca6e 100644
--- a/x-pack/test/security_api_integration/plugins/saml_provider/server/init_routes.ts
+++ b/packages/kbn-saml-provider-plugin/server/init_routes.ts
@@ -1,15 +1,14 @@
 /*
  * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
- * or more contributor license agreements. Licensed under the Elastic License
- * 2.0; you may not use this file except in compliance with the Elastic License
- * 2.0.
+ * or more contributor license agreements. Licensed under the "Elastic License
+ * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side
+ * Public License v 1"; you may not use this file except in compliance with, at
+ * your election, the "Elastic License 2.0", the "GNU Affero General Public
+ * License v3.0 only", or the "Server Side Public License, v 1".
  */
 
 import type { CoreSetup, PluginInitializerContext } from '@kbn/core/server';
-import {
-  getSAMLRequestId,
-  getSAMLResponse,
-} from '@kbn/security-api-integration-helpers/saml/saml_tools';
+import { getSAMLRequestId, getSAMLResponse } from '../helpers/saml_tools';
 
 import type { PluginSetupDependencies } from '.';
 
diff --git a/packages/kbn-saml-provider-plugin/tsconfig.json b/packages/kbn-saml-provider-plugin/tsconfig.json
new file mode 100644
index 0000000000000..5e3d4bf264dee
--- /dev/null
+++ b/packages/kbn-saml-provider-plugin/tsconfig.json
@@ -0,0 +1,21 @@
+{
+  "extends": "../../tsconfig.base.json",
+  "compilerOptions": {
+    "outDir": "target/types",
+    "types": [
+      "jest",
+      "node"
+    ]
+  },
+  "include": [
+    "**/*.ts",
+  ],
+  "exclude": [
+    "target/**/*"
+  ],
+  "kbn_references": [
+    "@kbn/dev-utils",
+    "@kbn/cloud-plugin",
+    "@kbn/core",
+  ]
+}
diff --git a/tsconfig.base.json b/tsconfig.base.json
index 4471cb1bc6754..65b04932bbd0b 100644
--- a/tsconfig.base.json
+++ b/tsconfig.base.json
@@ -1480,8 +1480,8 @@
       "@kbn/runtime-fields-plugin/*": ["x-pack/plugins/runtime_fields/*"],
       "@kbn/safer-lodash-set": ["packages/kbn-safer-lodash-set"],
       "@kbn/safer-lodash-set/*": ["packages/kbn-safer-lodash-set/*"],
-      "@kbn/saml-provider-plugin": ["x-pack/test/security_api_integration/plugins/saml_provider"],
-      "@kbn/saml-provider-plugin/*": ["x-pack/test/security_api_integration/plugins/saml_provider/*"],
+      "@kbn/saml-provider-plugin": ["packages/kbn-saml-provider-plugin"],
+      "@kbn/saml-provider-plugin/*": ["packages/kbn-saml-provider-plugin/*"],
       "@kbn/sample-task-plugin": ["x-pack/test/plugin_api_integration/plugins/sample_task_plugin"],
       "@kbn/sample-task-plugin/*": ["x-pack/test/plugin_api_integration/plugins/sample_task_plugin/*"],
       "@kbn/sample-task-plugin-update-by-query": ["x-pack/test/task_manager_claimer_update_by_query/plugins/sample_task_plugin_mget"],
diff --git a/x-pack/test/api_integration/deployment_agnostic/default_configs/stateful.config.base.ts b/x-pack/test/api_integration/deployment_agnostic/default_configs/stateful.config.base.ts
index bd423762255a5..7275911b5a706 100644
--- a/x-pack/test/api_integration/deployment_agnostic/default_configs/stateful.config.base.ts
+++ b/x-pack/test/api_integration/deployment_agnostic/default_configs/stateful.config.base.ts
@@ -22,6 +22,7 @@ import {
 import path from 'path';
 import { REPO_ROOT } from '@kbn/repo-info';
 import { STATEFUL_ROLES_ROOT_PATH } from '@kbn/es';
+import { IDP_METADATA_PATHS, pluginPath as samlIdPPlugin } from '@kbn/saml-provider-plugin';
 import { dockerImage } from '../../../fleet_api_integration/config.base';
 import { DeploymentAgnosticCommonServices, services } from '../services';
 
@@ -61,15 +62,6 @@ export function createStatefulTestConfig<T extends DeploymentAgnosticCommonServi
 
     const xPackAPITestsConfig = await readConfigFile(require.resolve('../../config.ts'));
 
-    // TODO: move to kbn-es because currently metadata file has hardcoded entityID and Location
-    const idpPath = require.resolve(
-      '@kbn/security-api-integration-helpers/saml/idp_metadata_mock_idp.xml'
-    );
-    const samlIdPPlugin = path.resolve(
-      __dirname,
-      '../../../security_api_integration/plugins/saml_provider'
-    );
-
     const servers = {
       kibana: {
         ...kbnTestConfig.getUrlParts(systemIndicesSuperuser),
@@ -109,7 +101,7 @@ export function createStatefulTestConfig<T extends DeploymentAgnosticCommonServi
           ...xPackAPITestsConfig.get('esTestCluster.serverArgs'),
           'xpack.security.authc.token.enabled=true',
           `xpack.security.authc.realms.saml.${MOCK_IDP_REALM_NAME}.order=0`,
-          `xpack.security.authc.realms.saml.${MOCK_IDP_REALM_NAME}.idp.metadata.path=${idpPath}`,
+          `xpack.security.authc.realms.saml.${MOCK_IDP_REALM_NAME}.idp.metadata.path=${IDP_METADATA_PATHS.mockIdpPlugin}`,
           `xpack.security.authc.realms.saml.${MOCK_IDP_REALM_NAME}.idp.entity_id=${MOCK_IDP_ENTITY_ID}`,
           `xpack.security.authc.realms.saml.${MOCK_IDP_REALM_NAME}.sp.entity_id=${kbnUrl}`,
           `xpack.security.authc.realms.saml.${MOCK_IDP_REALM_NAME}.sp.acs=${kbnUrl}/api/security/saml/callback`,
diff --git a/x-pack/test/cloud_integration/config.ts b/x-pack/test/cloud_integration/config.ts
index 44e3453491971..1d383c4e049fb 100644
--- a/x-pack/test/cloud_integration/config.ts
+++ b/x-pack/test/cloud_integration/config.ts
@@ -24,10 +24,11 @@ export default async function ({ readConfigFile }: FtrConfigProviderContext) {
     require.resolve('@kbn/test-suites-src/functional/config.base')
   );
 
-  const kibanaPort = kibanaFunctionalConfig.get('servers.kibana.port');
   const idpPath = resolve(__dirname, './plugins/saml_provider/metadata.xml');
   const samlIdPPlugin = resolve(__dirname, './plugins/saml_provider');
 
+  const kibanaPort = kibanaFunctionalConfig.get('servers.kibana.port');
+
   return {
     testFiles: [...(RUN_FULLSTORY_TESTS ? [resolve(__dirname, './tests/fullstory')] : [])],
 
diff --git a/x-pack/test/functional_cloud/config.ts b/x-pack/test/functional_cloud/config.ts
index df75e83138ed5..2bcc288054ad2 100644
--- a/x-pack/test/functional_cloud/config.ts
+++ b/x-pack/test/functional_cloud/config.ts
@@ -4,18 +4,14 @@
  * 2.0; you may not use this file except in compliance with the Elastic License
  * 2.0.
  */
-import { resolve } from 'path';
+
 import { FtrConfigProviderContext } from '@kbn/test';
+import { IDP_METADATA_PATHS, pluginPath as samlIdPPlugin } from '@kbn/saml-provider-plugin';
 
 export default async function ({ readConfigFile }: FtrConfigProviderContext) {
   const functionalConfig = await readConfigFile(require.resolve('../functional/config.base.js'));
 
   const kibanaPort = functionalConfig.get('servers.kibana.port');
-  const idpPath = resolve(
-    __dirname,
-    '../security_api_integration/plugins/saml_provider/metadata.xml'
-  );
-  const samlIdPPlugin = resolve(__dirname, '../security_api_integration/plugins/saml_provider');
 
   return {
     ...functionalConfig.getAll(),
@@ -31,7 +27,7 @@ export default async function ({ readConfigFile }: FtrConfigProviderContext) {
         ...functionalConfig.get('esTestCluster.serverArgs'),
         'xpack.security.authc.token.enabled=true',
         'xpack.security.authc.realms.saml.cloud-saml-kibana.order=0',
-        `xpack.security.authc.realms.saml.cloud-saml-kibana.idp.metadata.path=${idpPath}`,
+        `xpack.security.authc.realms.saml.cloud-saml-kibana.idp.metadata.path=${IDP_METADATA_PATHS.default}`,
         'xpack.security.authc.realms.saml.cloud-saml-kibana.idp.entity_id=http://www.elastic.co/saml1',
         `xpack.security.authc.realms.saml.cloud-saml-kibana.sp.entity_id=http://localhost:${kibanaPort}`,
         `xpack.security.authc.realms.saml.cloud-saml-kibana.sp.logout=http://localhost:${kibanaPort}/logout`,
diff --git a/x-pack/test/security_api_integration/login_selector.config.ts b/x-pack/test/security_api_integration/login_selector.config.ts
index 9517cb2a45e8e..bc745a410a762 100644
--- a/x-pack/test/security_api_integration/login_selector.config.ts
+++ b/x-pack/test/security_api_integration/login_selector.config.ts
@@ -9,6 +9,7 @@ import { readFileSync } from 'fs';
 import { resolve } from 'path';
 
 import { CA_CERT_PATH, KBN_CERT_PATH, KBN_KEY_PATH } from '@kbn/dev-utils';
+import { IDP_METADATA_PATHS } from '@kbn/saml-provider-plugin';
 import type { FtrConfigProviderContext } from '@kbn/test';
 
 export default async function ({ readConfigFile }: FtrConfigProviderContext) {
@@ -32,13 +33,6 @@ export default async function ({ readConfigFile }: FtrConfigProviderContext) {
     '@kbn/security-api-integration-helpers/pki/kibana_ca.crt'
   );
 
-  const saml1IdPMetadataPath = require.resolve(
-    '@kbn/security-api-integration-helpers/saml/idp_metadata.xml'
-  );
-  const saml2IdPMetadataPath = require.resolve(
-    '@kbn/security-api-integration-helpers/saml/idp_metadata_2.xml'
-  );
-
   const servers = {
     ...xPackAPITestsConfig.get('servers'),
     elasticsearch: {
@@ -80,7 +74,7 @@ export default async function ({ readConfigFile }: FtrConfigProviderContext) {
         'xpack.security.authc.realms.pki.pki1.delegation.enabled=true',
         `xpack.security.authc.realms.pki.pki1.certificate_authorities=${CA_CERT_PATH}`,
         'xpack.security.authc.realms.saml.saml1.order=3',
-        `xpack.security.authc.realms.saml.saml1.idp.metadata.path=${saml1IdPMetadataPath}`,
+        `xpack.security.authc.realms.saml.saml1.idp.metadata.path=${IDP_METADATA_PATHS.saml1}`,
         'xpack.security.authc.realms.saml.saml1.idp.entity_id=http://www.elastic.co/saml1',
         `xpack.security.authc.realms.saml.saml1.sp.entity_id=http://localhost:${kibanaPort}`,
         `xpack.security.authc.realms.saml.saml1.sp.logout=http://localhost:${kibanaPort}/logout`,
@@ -100,7 +94,7 @@ export default async function ({ readConfigFile }: FtrConfigProviderContext) {
         `xpack.security.authc.realms.oidc.oidc1.claims.principal=sub`,
         `xpack.security.authc.realms.oidc.oidc1.ssl.certificate_authorities=${CA_CERT_PATH}`,
         'xpack.security.authc.realms.saml.saml2.order=5',
-        `xpack.security.authc.realms.saml.saml2.idp.metadata.path=${saml2IdPMetadataPath}`,
+        `xpack.security.authc.realms.saml.saml2.idp.metadata.path=${IDP_METADATA_PATHS.saml2}`,
         'xpack.security.authc.realms.saml.saml2.idp.entity_id=http://www.elastic.co/saml2',
         `xpack.security.authc.realms.saml.saml2.sp.entity_id=http://localhost:${kibanaPort}`,
         `xpack.security.authc.realms.saml.saml2.sp.logout=http://localhost:${kibanaPort}/logout`,
diff --git a/x-pack/test/security_api_integration/packages/helpers/tsconfig.json b/x-pack/test/security_api_integration/packages/helpers/tsconfig.json
index 317baf916f5a1..37d1561f95b8d 100644
--- a/x-pack/test/security_api_integration/packages/helpers/tsconfig.json
+++ b/x-pack/test/security_api_integration/packages/helpers/tsconfig.json
@@ -14,6 +14,5 @@
     "target/**/*"
   ],
   "kbn_references": [
-    "@kbn/dev-utils",
   ]
 }
diff --git a/x-pack/test/security_api_integration/plugins/saml_provider/tsconfig.json b/x-pack/test/security_api_integration/plugins/saml_provider/tsconfig.json
deleted file mode 100644
index 5021e45b8f8b3..0000000000000
--- a/x-pack/test/security_api_integration/plugins/saml_provider/tsconfig.json
+++ /dev/null
@@ -1,18 +0,0 @@
-{
-  "extends": "../../../../../tsconfig.base.json",
-  "compilerOptions": {
-    "outDir": "target/types"
-  },
-  "include": [
-    "**/*.ts",
-    "**/*.tsx",
-  ],
-  "exclude": [
-    "target/**/*",
-  ],
-  "kbn_references": [
-    "@kbn/cloud-plugin",
-    "@kbn/core",
-    "@kbn/security-api-integration-helpers",
-  ]
-}
diff --git a/x-pack/test/security_api_integration/saml.config.ts b/x-pack/test/security_api_integration/saml.config.ts
index 1168fe9ed196b..5901a66f3ee93 100644
--- a/x-pack/test/security_api_integration/saml.config.ts
+++ b/x-pack/test/security_api_integration/saml.config.ts
@@ -7,6 +7,7 @@
 
 import { resolve } from 'path';
 
+import { IDP_METADATA_PATHS } from '@kbn/saml-provider-plugin';
 import type { FtrConfigProviderContext } from '@kbn/test';
 
 import { services } from './services';
@@ -15,7 +16,6 @@ export default async function ({ readConfigFile }: FtrConfigProviderContext) {
   const xPackAPITestsConfig = await readConfigFile(require.resolve('../api_integration/config.ts'));
 
   const kibanaPort = xPackAPITestsConfig.get('servers.kibana.port');
-  const idpPath = require.resolve('@kbn/security-api-integration-helpers/saml/idp_metadata.xml');
 
   const testEndpointsPlugin = resolve(__dirname, '../security_functional/plugins/test_endpoints');
 
@@ -37,7 +37,7 @@ export default async function ({ readConfigFile }: FtrConfigProviderContext) {
         'xpack.security.authc.token.enabled=true',
         'xpack.security.authc.token.timeout=15s',
         'xpack.security.authc.realms.saml.saml1.order=0',
-        `xpack.security.authc.realms.saml.saml1.idp.metadata.path=${idpPath}`,
+        `xpack.security.authc.realms.saml.saml1.idp.metadata.path=${IDP_METADATA_PATHS.saml1}`,
         'xpack.security.authc.realms.saml.saml1.idp.entity_id=http://www.elastic.co/saml1',
         `xpack.security.authc.realms.saml.saml1.sp.entity_id=http://localhost:${kibanaPort}`,
         `xpack.security.authc.realms.saml.saml1.sp.logout=http://localhost:${kibanaPort}/logout`,
diff --git a/x-pack/test/security_api_integration/saml.http2.config.ts b/x-pack/test/security_api_integration/saml.http2.config.ts
index ddcd8ac7da446..3092b29154f79 100644
--- a/x-pack/test/security_api_integration/saml.http2.config.ts
+++ b/x-pack/test/security_api_integration/saml.http2.config.ts
@@ -6,6 +6,7 @@
  */
 
 import { CA_CERT_PATH } from '@kbn/dev-utils';
+import { IDP_METADATA_PATHS } from '@kbn/saml-provider-plugin';
 import type { FtrConfigProviderContext } from '@kbn/test';
 import { configureHTTP2 } from '@kbn/test-suites-src/common/configure_http2';
 
@@ -14,7 +15,6 @@ export default async function ({ readConfigFile }: FtrConfigProviderContext) {
   const functionalConfig = await readConfigFile(require.resolve('./saml.config'));
 
   const kibanaPort = xPackAPITestsConfig.get('servers.kibana.port');
-  const idpPath = require.resolve('@kbn/security-api-integration-helpers/saml/idp_metadata.xml');
 
   return configureHTTP2({
     ...functionalConfig.getAll(),
@@ -25,7 +25,7 @@ export default async function ({ readConfigFile }: FtrConfigProviderContext) {
         'xpack.security.authc.token.enabled=true',
         'xpack.security.authc.token.timeout=15s',
         'xpack.security.authc.realms.saml.saml1.order=0',
-        `xpack.security.authc.realms.saml.saml1.idp.metadata.path=${idpPath}`,
+        `xpack.security.authc.realms.saml.saml1.idp.metadata.path=${IDP_METADATA_PATHS.saml1}`,
         'xpack.security.authc.realms.saml.saml1.idp.entity_id=http://www.elastic.co/saml1',
         `xpack.security.authc.realms.saml.saml1.sp.entity_id=https://localhost:${kibanaPort}`,
         `xpack.security.authc.realms.saml.saml1.sp.logout=https://localhost:${kibanaPort}/logout`,
diff --git a/x-pack/test/security_api_integration/saml_cloud.config.ts b/x-pack/test/security_api_integration/saml_cloud.config.ts
index 86450379a4364..e3bfcf593bace 100644
--- a/x-pack/test/security_api_integration/saml_cloud.config.ts
+++ b/x-pack/test/security_api_integration/saml_cloud.config.ts
@@ -5,6 +5,7 @@
  * 2.0.
  */
 
+import { IDP_METADATA_PATHS } from '@kbn/saml-provider-plugin';
 import type { FtrConfigProviderContext } from '@kbn/test';
 
 import { services } from './services';
@@ -13,7 +14,6 @@ export default async function ({ readConfigFile }: FtrConfigProviderContext) {
   const xPackAPITestsConfig = await readConfigFile(require.resolve('../api_integration/config.ts'));
 
   const kibanaPort = xPackAPITestsConfig.get('servers.kibana.port');
-  const idpPath = require.resolve('@kbn/security-api-integration-helpers/saml/idp_metadata.xml');
 
   return {
     testFiles: [require.resolve('./tests/saml_cloud')],
@@ -31,7 +31,7 @@ export default async function ({ readConfigFile }: FtrConfigProviderContext) {
         'xpack.security.authc.token.enabled=true',
         'xpack.security.authc.token.timeout=15s',
         'xpack.security.authc.realms.saml.cloud-saml-kibana.order=0',
-        `xpack.security.authc.realms.saml.cloud-saml-kibana.idp.metadata.path=${idpPath}`,
+        `xpack.security.authc.realms.saml.cloud-saml-kibana.idp.metadata.path=${IDP_METADATA_PATHS.saml1}`,
         'xpack.security.authc.realms.saml.cloud-saml-kibana.idp.entity_id=http://www.elastic.co/saml1',
         `xpack.security.authc.realms.saml.cloud-saml-kibana.sp.entity_id=http://localhost:${kibanaPort}`,
         `xpack.security.authc.realms.saml.cloud-saml-kibana.sp.logout=http://localhost:${kibanaPort}/logout`,
diff --git a/x-pack/test/security_api_integration/session_concurrent_limit.config.ts b/x-pack/test/security_api_integration/session_concurrent_limit.config.ts
index ff3e9f590a749..c547ab4ff4735 100644
--- a/x-pack/test/security_api_integration/session_concurrent_limit.config.ts
+++ b/x-pack/test/security_api_integration/session_concurrent_limit.config.ts
@@ -7,6 +7,7 @@
 
 import { resolve } from 'path';
 
+import { IDP_METADATA_PATHS } from '@kbn/saml-provider-plugin';
 import type { FtrConfigProviderContext } from '@kbn/test';
 
 import { services } from './services';
@@ -17,7 +18,6 @@ export default async function ({ readConfigFile }: FtrConfigProviderContext) {
   const xPackAPITestsConfig = await readConfigFile(require.resolve('../api_integration/config.ts'));
 
   const kibanaPort = xPackAPITestsConfig.get('servers.kibana.port');
-  const idpPath = require.resolve('@kbn/security-api-integration-helpers/saml/idp_metadata.xml');
 
   const testEndpointsPlugin = resolve(__dirname, '../security_functional/plugins/test_endpoints');
 
@@ -32,7 +32,7 @@ export default async function ({ readConfigFile }: FtrConfigProviderContext) {
         'xpack.security.authc.token.enabled=true',
         'xpack.security.authc.realms.native.native1.order=0',
         'xpack.security.authc.realms.saml.saml1.order=1',
-        `xpack.security.authc.realms.saml.saml1.idp.metadata.path=${idpPath}`,
+        `xpack.security.authc.realms.saml.saml1.idp.metadata.path=${IDP_METADATA_PATHS.saml1}`,
         'xpack.security.authc.realms.saml.saml1.idp.entity_id=http://www.elastic.co/saml1',
         `xpack.security.authc.realms.saml.saml1.sp.entity_id=http://localhost:${kibanaPort}`,
         `xpack.security.authc.realms.saml.saml1.sp.logout=http://localhost:${kibanaPort}/logout`,
diff --git a/x-pack/test/security_api_integration/session_idle.config.ts b/x-pack/test/security_api_integration/session_idle.config.ts
index 9509d919c8ddd..f409004f39db1 100644
--- a/x-pack/test/security_api_integration/session_idle.config.ts
+++ b/x-pack/test/security_api_integration/session_idle.config.ts
@@ -7,6 +7,7 @@
 
 import { resolve } from 'path';
 
+import { IDP_METADATA_PATHS } from '@kbn/saml-provider-plugin';
 import type { FtrConfigProviderContext } from '@kbn/test';
 
 import { services } from './services';
@@ -17,7 +18,6 @@ export default async function ({ readConfigFile }: FtrConfigProviderContext) {
   const xPackAPITestsConfig = await readConfigFile(require.resolve('../api_integration/config.ts'));
 
   const kibanaPort = xPackAPITestsConfig.get('servers.kibana.port');
-  const idpPath = require.resolve('@kbn/security-api-integration-helpers/saml/idp_metadata.xml');
 
   const testEndpointsPlugin = resolve(__dirname, '../security_functional/plugins/test_endpoints');
 
@@ -32,7 +32,7 @@ export default async function ({ readConfigFile }: FtrConfigProviderContext) {
         'xpack.security.authc.token.enabled=true',
         'xpack.security.authc.token.timeout=15s',
         'xpack.security.authc.realms.saml.saml1.order=0',
-        `xpack.security.authc.realms.saml.saml1.idp.metadata.path=${idpPath}`,
+        `xpack.security.authc.realms.saml.saml1.idp.metadata.path=${IDP_METADATA_PATHS.saml1}`,
         'xpack.security.authc.realms.saml.saml1.idp.entity_id=http://www.elastic.co/saml1',
         `xpack.security.authc.realms.saml.saml1.sp.entity_id=http://localhost:${kibanaPort}`,
         `xpack.security.authc.realms.saml.saml1.sp.logout=http://localhost:${kibanaPort}/logout`,
diff --git a/x-pack/test/security_api_integration/session_invalidate.config.ts b/x-pack/test/security_api_integration/session_invalidate.config.ts
index 33be8e8f8f0d2..795624d76d3b9 100644
--- a/x-pack/test/security_api_integration/session_invalidate.config.ts
+++ b/x-pack/test/security_api_integration/session_invalidate.config.ts
@@ -7,6 +7,7 @@
 
 import { resolve } from 'path';
 
+import { IDP_METADATA_PATHS } from '@kbn/saml-provider-plugin';
 import type { FtrConfigProviderContext } from '@kbn/test';
 
 import { services } from './services';
@@ -17,7 +18,6 @@ export default async function ({ readConfigFile }: FtrConfigProviderContext) {
   const xPackAPITestsConfig = await readConfigFile(require.resolve('../api_integration/config.ts'));
 
   const kibanaPort = xPackAPITestsConfig.get('servers.kibana.port');
-  const idpPath = require.resolve('@kbn/security-api-integration-helpers/saml/idp_metadata.xml');
 
   return {
     testFiles: [resolve(__dirname, './tests/session_invalidate')],
@@ -30,7 +30,7 @@ export default async function ({ readConfigFile }: FtrConfigProviderContext) {
         'xpack.security.authc.token.enabled=true',
         'xpack.security.authc.realms.native.native1.order=0',
         'xpack.security.authc.realms.saml.saml1.order=1',
-        `xpack.security.authc.realms.saml.saml1.idp.metadata.path=${idpPath}`,
+        `xpack.security.authc.realms.saml.saml1.idp.metadata.path=${IDP_METADATA_PATHS.saml1}`,
         'xpack.security.authc.realms.saml.saml1.idp.entity_id=http://www.elastic.co/saml1',
         `xpack.security.authc.realms.saml.saml1.sp.entity_id=http://localhost:${kibanaPort}`,
         `xpack.security.authc.realms.saml.saml1.sp.logout=http://localhost:${kibanaPort}/logout`,
diff --git a/x-pack/test/security_api_integration/session_lifespan.config.ts b/x-pack/test/security_api_integration/session_lifespan.config.ts
index 9b37f45327c5c..289f5f0dab676 100644
--- a/x-pack/test/security_api_integration/session_lifespan.config.ts
+++ b/x-pack/test/security_api_integration/session_lifespan.config.ts
@@ -7,6 +7,7 @@
 
 import { resolve } from 'path';
 
+import { IDP_METADATA_PATHS } from '@kbn/saml-provider-plugin';
 import type { FtrConfigProviderContext } from '@kbn/test';
 
 import { services } from './services';
@@ -17,7 +18,6 @@ export default async function ({ readConfigFile }: FtrConfigProviderContext) {
   const xPackAPITestsConfig = await readConfigFile(require.resolve('../api_integration/config.ts'));
 
   const kibanaPort = xPackAPITestsConfig.get('servers.kibana.port');
-  const idpPath = require.resolve('@kbn/security-api-integration-helpers/saml/idp_metadata.xml');
 
   return {
     testFiles: [resolve(__dirname, './tests/session_lifespan')],
@@ -30,7 +30,7 @@ export default async function ({ readConfigFile }: FtrConfigProviderContext) {
         'xpack.security.authc.token.enabled=true',
         'xpack.security.authc.token.timeout=15s',
         'xpack.security.authc.realms.saml.saml1.order=0',
-        `xpack.security.authc.realms.saml.saml1.idp.metadata.path=${idpPath}`,
+        `xpack.security.authc.realms.saml.saml1.idp.metadata.path=${IDP_METADATA_PATHS.saml1}`,
         'xpack.security.authc.realms.saml.saml1.idp.entity_id=http://www.elastic.co/saml1',
         `xpack.security.authc.realms.saml.saml1.sp.entity_id=http://localhost:${kibanaPort}`,
         `xpack.security.authc.realms.saml.saml1.sp.logout=http://localhost:${kibanaPort}/logout`,
diff --git a/x-pack/test/security_api_integration/tests/login_selector/basic_functionality.ts b/x-pack/test/security_api_integration/tests/login_selector/basic_functionality.ts
index 6536c9a08063d..3ca1322ae2bbd 100644
--- a/x-pack/test/security_api_integration/tests/login_selector/basic_functionality.ts
+++ b/x-pack/test/security_api_integration/tests/login_selector/basic_functionality.ts
@@ -12,15 +12,12 @@ import url from 'url';
 
 import { CA_CERT_PATH } from '@kbn/dev-utils';
 import expect from '@kbn/expect';
+import { getSAMLRequestId, getSAMLResponse } from '@kbn/saml-provider-plugin';
 import {
   getMutualAuthenticationResponseToken,
   getSPNEGOToken,
 } from '@kbn/security-api-integration-helpers/kerberos/kerberos_tools';
 import { getStateAndNonce } from '@kbn/security-api-integration-helpers/oidc/oidc_tools';
-import {
-  getSAMLRequestId,
-  getSAMLResponse,
-} from '@kbn/security-api-integration-helpers/saml/saml_tools';
 import type { AuthenticationProvider } from '@kbn/security-plugin/common';
 
 import type { FtrProviderContext } from '../../ftr_provider_context';
diff --git a/x-pack/test/security_api_integration/tests/saml/saml_login.ts b/x-pack/test/security_api_integration/tests/saml/saml_login.ts
index 71994bc5512ca..b1e1da18748f0 100644
--- a/x-pack/test/security_api_integration/tests/saml/saml_login.ts
+++ b/x-pack/test/security_api_integration/tests/saml/saml_login.ts
@@ -13,11 +13,7 @@ import { parse as parseCookie } from 'tough-cookie';
 import url from 'url';
 
 import expect from '@kbn/expect';
-import {
-  getLogoutRequest,
-  getSAMLRequestId,
-  getSAMLResponse,
-} from '@kbn/security-api-integration-helpers/saml/saml_tools';
+import { getLogoutRequest, getSAMLRequestId, getSAMLResponse } from '@kbn/saml-provider-plugin';
 import { adminTestUser } from '@kbn/test';
 
 import type { FtrProviderContext } from '../../ftr_provider_context';
diff --git a/x-pack/test/security_api_integration/tests/saml_cloud/saml_login.ts b/x-pack/test/security_api_integration/tests/saml_cloud/saml_login.ts
index 1282654506300..3b4d736e3449f 100644
--- a/x-pack/test/security_api_integration/tests/saml_cloud/saml_login.ts
+++ b/x-pack/test/security_api_integration/tests/saml_cloud/saml_login.ts
@@ -9,7 +9,7 @@ import type { Cookie } from 'tough-cookie';
 import { parse as parseCookie } from 'tough-cookie';
 
 import expect from '@kbn/expect';
-import { getSAMLResponse } from '@kbn/security-api-integration-helpers/saml/saml_tools';
+import { getSAMLResponse } from '@kbn/saml-provider-plugin';
 
 import type { FtrProviderContext } from '../../ftr_provider_context';
 
diff --git a/x-pack/test/security_api_integration/tests/session_concurrent_limit/cleanup.ts b/x-pack/test/security_api_integration/tests/session_concurrent_limit/cleanup.ts
index cac4f3b678149..9b5dea3032fb2 100644
--- a/x-pack/test/security_api_integration/tests/session_concurrent_limit/cleanup.ts
+++ b/x-pack/test/security_api_integration/tests/session_concurrent_limit/cleanup.ts
@@ -17,10 +17,7 @@ import type { Cookie } from 'tough-cookie';
 import { parse as parseCookie } from 'tough-cookie';
 
 import expect from '@kbn/expect';
-import {
-  getSAMLRequestId,
-  getSAMLResponse,
-} from '@kbn/security-api-integration-helpers/saml/saml_tools';
+import { getSAMLRequestId, getSAMLResponse } from '@kbn/saml-provider-plugin';
 import type { AuthenticationProvider } from '@kbn/security-plugin/common';
 import { adminTestUser } from '@kbn/test';
 
diff --git a/x-pack/test/security_api_integration/tests/session_concurrent_limit/global_limit.ts b/x-pack/test/security_api_integration/tests/session_concurrent_limit/global_limit.ts
index b1bb30e1a6cb6..7fb72f71ca1ab 100644
--- a/x-pack/test/security_api_integration/tests/session_concurrent_limit/global_limit.ts
+++ b/x-pack/test/security_api_integration/tests/session_concurrent_limit/global_limit.ts
@@ -9,10 +9,7 @@ import type { Cookie } from 'tough-cookie';
 import { parse as parseCookie } from 'tough-cookie';
 
 import expect from '@kbn/expect';
-import {
-  getSAMLRequestId,
-  getSAMLResponse,
-} from '@kbn/security-api-integration-helpers/saml/saml_tools';
+import { getSAMLRequestId, getSAMLResponse } from '@kbn/saml-provider-plugin';
 import type { AuthenticationProvider } from '@kbn/security-plugin/common';
 import { adminTestUser } from '@kbn/test';
 
diff --git a/x-pack/test/security_api_integration/tests/session_idle/cleanup.ts b/x-pack/test/security_api_integration/tests/session_idle/cleanup.ts
index 9c0f92b2c0182..d956e3ce31049 100644
--- a/x-pack/test/security_api_integration/tests/session_idle/cleanup.ts
+++ b/x-pack/test/security_api_integration/tests/session_idle/cleanup.ts
@@ -10,10 +10,7 @@ import type { Cookie } from 'tough-cookie';
 import { parse as parseCookie } from 'tough-cookie';
 
 import expect from '@kbn/expect';
-import {
-  getSAMLRequestId,
-  getSAMLResponse,
-} from '@kbn/security-api-integration-helpers/saml/saml_tools';
+import { getSAMLRequestId, getSAMLResponse } from '@kbn/saml-provider-plugin';
 import type { AuthenticationProvider } from '@kbn/security-plugin/common';
 import { adminTestUser } from '@kbn/test';
 
diff --git a/x-pack/test/security_api_integration/tests/session_invalidate/invalidate.ts b/x-pack/test/security_api_integration/tests/session_invalidate/invalidate.ts
index 184b46a7d13c2..df2bf09ff1202 100644
--- a/x-pack/test/security_api_integration/tests/session_invalidate/invalidate.ts
+++ b/x-pack/test/security_api_integration/tests/session_invalidate/invalidate.ts
@@ -9,10 +9,7 @@ import type { Cookie } from 'tough-cookie';
 import { parse as parseCookie } from 'tough-cookie';
 
 import expect from '@kbn/expect';
-import {
-  getSAMLRequestId,
-  getSAMLResponse,
-} from '@kbn/security-api-integration-helpers/saml/saml_tools';
+import { getSAMLRequestId, getSAMLResponse } from '@kbn/saml-provider-plugin';
 import type { AuthenticationProvider } from '@kbn/security-plugin/common';
 import { adminTestUser } from '@kbn/test';
 
diff --git a/x-pack/test/security_api_integration/tests/session_lifespan/cleanup.ts b/x-pack/test/security_api_integration/tests/session_lifespan/cleanup.ts
index 77de7d5915a45..894fb8c1c5152 100644
--- a/x-pack/test/security_api_integration/tests/session_lifespan/cleanup.ts
+++ b/x-pack/test/security_api_integration/tests/session_lifespan/cleanup.ts
@@ -10,10 +10,7 @@ import type { Cookie } from 'tough-cookie';
 import { parse as parseCookie } from 'tough-cookie';
 
 import expect from '@kbn/expect';
-import {
-  getSAMLRequestId,
-  getSAMLResponse,
-} from '@kbn/security-api-integration-helpers/saml/saml_tools';
+import { getSAMLRequestId, getSAMLResponse } from '@kbn/saml-provider-plugin';
 import type { AuthenticationProvider } from '@kbn/security-plugin/common';
 import { adminTestUser } from '@kbn/test';
 
diff --git a/x-pack/test/security_functional/login_selector.config.ts b/x-pack/test/security_functional/login_selector.config.ts
index d6abf075281f0..5f43b0ca36f10 100644
--- a/x-pack/test/security_functional/login_selector.config.ts
+++ b/x-pack/test/security_functional/login_selector.config.ts
@@ -7,6 +7,7 @@
 
 import { resolve } from 'path';
 
+import { IDP_METADATA_PATHS, pluginPath as samlIdPPlugin } from '@kbn/saml-provider-plugin';
 import type { FtrConfigProviderContext } from '@kbn/test';
 
 import { pageObjects } from '../functional/page_objects';
@@ -23,14 +24,6 @@ export default async function ({ readConfigFile }: FtrConfigProviderContext) {
   );
 
   const kibanaPort = kibanaFunctionalConfig.get('servers.kibana.port');
-  const idpPath = resolve(
-    __dirname,
-    '../security_api_integration/plugins/saml_provider/metadata.xml'
-  );
-  const idpNeverLoginPath = require.resolve(
-    '@kbn/security-api-integration-helpers/saml/idp_metadata_never_login.xml'
-  );
-  const samlIdPPlugin = resolve(__dirname, '../security_api_integration/plugins/saml_provider');
 
   const testEndpointsPlugin = resolve(__dirname, './plugins/test_endpoints');
 
@@ -49,14 +42,14 @@ export default async function ({ readConfigFile }: FtrConfigProviderContext) {
         'xpack.security.authc.token.enabled=true',
         'xpack.security.authc.realms.native.native1.order=0',
         'xpack.security.authc.realms.saml.saml1.order=1',
-        `xpack.security.authc.realms.saml.saml1.idp.metadata.path=${idpPath}`,
+        `xpack.security.authc.realms.saml.saml1.idp.metadata.path=${IDP_METADATA_PATHS.default}`,
         'xpack.security.authc.realms.saml.saml1.idp.entity_id=http://www.elastic.co/saml1',
         `xpack.security.authc.realms.saml.saml1.sp.entity_id=http://localhost:${kibanaPort}`,
         `xpack.security.authc.realms.saml.saml1.sp.logout=http://localhost:${kibanaPort}/logout`,
         `xpack.security.authc.realms.saml.saml1.sp.acs=http://localhost:${kibanaPort}/api/security/saml/callback`,
         'xpack.security.authc.realms.saml.saml1.attributes.principal=urn:oid:0.0.7',
         'xpack.security.authc.realms.saml.saml_never.order=2',
-        `xpack.security.authc.realms.saml.saml_never.idp.metadata.path=${idpNeverLoginPath}`,
+        `xpack.security.authc.realms.saml.saml_never.idp.metadata.path=${IDP_METADATA_PATHS.neverLogin}`,
         'xpack.security.authc.realms.saml.saml_never.idp.entity_id=http://www.elastic.co/saml1',
         `xpack.security.authc.realms.saml.saml_never.sp.entity_id=http://localhost:${kibanaPort}`,
         `xpack.security.authc.realms.saml.saml_never.sp.logout=http://localhost:${kibanaPort}/logout`,
diff --git a/x-pack/test/security_functional/saml.config.ts b/x-pack/test/security_functional/saml.config.ts
index 91afd72c97747..b84849f8080fc 100644
--- a/x-pack/test/security_functional/saml.config.ts
+++ b/x-pack/test/security_functional/saml.config.ts
@@ -7,6 +7,7 @@
 
 import { resolve } from 'path';
 
+import { IDP_METADATA_PATHS, pluginPath as samlIdPPlugin } from '@kbn/saml-provider-plugin';
 import type { FtrConfigProviderContext } from '@kbn/test';
 
 import { pageObjects } from '../functional/page_objects';
@@ -23,11 +24,6 @@ export default async function ({ readConfigFile }: FtrConfigProviderContext) {
   );
 
   const kibanaPort = kibanaFunctionalConfig.get('servers.kibana.port');
-  const idpPath = resolve(
-    __dirname,
-    '../security_api_integration/plugins/saml_provider/metadata.xml'
-  );
-  const samlIdPPlugin = resolve(__dirname, '../security_api_integration/plugins/saml_provider');
 
   const testEndpointsPlugin = resolve(__dirname, './plugins/test_endpoints');
 
@@ -45,7 +41,7 @@ export default async function ({ readConfigFile }: FtrConfigProviderContext) {
       serverArgs: [
         'xpack.security.authc.token.enabled=true',
         'xpack.security.authc.realms.saml.saml1.order=0',
-        `xpack.security.authc.realms.saml.saml1.idp.metadata.path=${idpPath}`,
+        `xpack.security.authc.realms.saml.saml1.idp.metadata.path=${IDP_METADATA_PATHS.default}`,
         'xpack.security.authc.realms.saml.saml1.idp.entity_id=http://www.elastic.co/saml1',
         `xpack.security.authc.realms.saml.saml1.sp.entity_id=http://localhost:${kibanaPort}`,
         `xpack.security.authc.realms.saml.saml1.sp.logout=http://localhost:${kibanaPort}/logout`,
diff --git a/x-pack/test/security_functional/saml.http2.config.ts b/x-pack/test/security_functional/saml.http2.config.ts
index 34131c82e0090..7c2357e907e03 100644
--- a/x-pack/test/security_functional/saml.http2.config.ts
+++ b/x-pack/test/security_functional/saml.http2.config.ts
@@ -11,9 +11,8 @@
  * 2.0.
  */
 
-import { resolve } from 'path';
-
 import { CA_CERT_PATH } from '@kbn/dev-utils';
+import { IDP_METADATA_PATHS } from '@kbn/saml-provider-plugin';
 import type { FtrConfigProviderContext } from '@kbn/test';
 import { configureHTTP2 } from '@kbn/test-suites-src/common/configure_http2';
 
@@ -26,10 +25,6 @@ export default async function ({ readConfigFile }: FtrConfigProviderContext) {
   );
 
   const kibanaPort = kibanaFunctionalConfig.get('servers.kibana.port');
-  const idpPath = resolve(
-    __dirname,
-    '../security_api_integration/plugins/saml_provider/metadata.xml'
-  );
 
   return configureHTTP2({
     ...functionalConfig.getAll(),
@@ -39,7 +34,7 @@ export default async function ({ readConfigFile }: FtrConfigProviderContext) {
       serverArgs: [
         'xpack.security.authc.token.enabled=true',
         'xpack.security.authc.realms.saml.saml1.order=0',
-        `xpack.security.authc.realms.saml.saml1.idp.metadata.path=${idpPath}`,
+        `xpack.security.authc.realms.saml.saml1.idp.metadata.path=${IDP_METADATA_PATHS.default}`,
         'xpack.security.authc.realms.saml.saml1.idp.entity_id=http://www.elastic.co/saml1',
         `xpack.security.authc.realms.saml.saml1.sp.entity_id=https://localhost:${kibanaPort}`,
         `xpack.security.authc.realms.saml.saml1.sp.logout=https://localhost:${kibanaPort}/logout`,
diff --git a/x-pack/test/tsconfig.json b/x-pack/test/tsconfig.json
index 2ba14ceb1218c..65448c00a048a 100644
--- a/x-pack/test/tsconfig.json
+++ b/x-pack/test/tsconfig.json
@@ -187,6 +187,7 @@
     "@kbn/alerting-types",
     "@kbn/ai-assistant-common",
     "@kbn/core-deprecations-common",
-    "@kbn/usage-collection-plugin"
+    "@kbn/usage-collection-plugin",
+    "@kbn/saml-provider-plugin"
   ]
 }
diff --git a/x-pack/test_serverless/shared/config.base.ts b/x-pack/test_serverless/shared/config.base.ts
index 35fd64ee0b542..22b9e9efeccc6 100644
--- a/x-pack/test_serverless/shared/config.base.ts
+++ b/x-pack/test_serverless/shared/config.base.ts
@@ -22,6 +22,7 @@ import { MOCK_IDP_REALM_NAME } from '@kbn/mock-idp-utils';
 import path from 'path';
 import { defineDockerServersConfig } from '@kbn/test';
 import { dockerImage } from '@kbn/test-suites-xpack/fleet_api_integration/config.base';
+import { IDP_METADATA_PATHS, pluginPath as samlIdPPlugin } from '@kbn/saml-provider-plugin';
 import { services } from './services';
 
 export default async () => {
@@ -49,16 +50,6 @@ export default async () => {
     },
   };
 
-  // "Fake" SAML provider
-  const idpPath = resolve(
-    __dirname,
-    '../../test/security_api_integration/plugins/saml_provider/metadata.xml'
-  );
-  const samlIdPPlugin = resolve(
-    __dirname,
-    '../../test/security_api_integration/plugins/saml_provider'
-  );
-
   const jwksPath = require.resolve('@kbn/security-api-integration-helpers/oidc/jwks.json');
 
   return {
@@ -79,7 +70,7 @@ export default async () => {
     },
     esTestCluster: {
       from: 'serverless',
-      files: [idpPath, jwksPath],
+      files: [IDP_METADATA_PATHS.default, jwksPath],
       serverArgs: [
         'xpack.security.authc.realms.file.file1.order=-100',
         `xpack.security.authc.realms.native.native1.enabled=false`,
diff --git a/x-pack/test_serverless/tsconfig.json b/x-pack/test_serverless/tsconfig.json
index ed9a78fde0f6f..7e422bf99dbd4 100644
--- a/x-pack/test_serverless/tsconfig.json
+++ b/x-pack/test_serverless/tsconfig.json
@@ -98,5 +98,6 @@
     "@kbn/core-saved-objects-import-export-server-internal",
     "@kbn/security-plugin-types-common",
     "@kbn/ai-assistant-common",
+    "@kbn/saml-provider-plugin",
   ]
 }
diff --git a/yarn.lock b/yarn.lock
index d8d511ad70965..e642229dd6376 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -6216,7 +6216,7 @@
   version "0.0.0"
   uid ""
 
-"@kbn/saml-provider-plugin@link:x-pack/test/security_api_integration/plugins/saml_provider":
+"@kbn/saml-provider-plugin@link:packages/kbn-saml-provider-plugin":
   version "0.0.0"
   uid ""