How to authenticate an Ionc web app using Shibolleth/SAML?

I am a bit confused on how to develop authentication on this system I’m developing.

The system consists of a back-office done with Ionic and a backend done with Nest.js.
So the Ionic site uses Nest.js 's REST API.

I have to add authentication to this system.
My organisation uses Shibolleth/SAML to autenticate the other services and we have an Identity Provider to which all web apps refer.

I have to authenticate:

  • the user that uses the web app,
  • the calls of the front-end (Ionic) to the REST API (Nest.js).

I know that Nest.js uses Passport to implement all types of authentication: local, Jwt, Shibolleth, etc.

But is it possible to do both the above authentications with Shibolleth or do I have to check the authentication of the user with Shibboleth and then use JWT or a token to authenticate the calls to REST API?

Have you ever done something similar?

Thank you very much for your suggestions.