The NameID is the identifier used by both the service provider and the identity provider to identify a principal (system user).
So let's say I require users on one service provider to input their username and password for logging in, their SSN and password for logging in on another, and their username and password for logging in on a third. Can several service providers have different usernames, yet use the same NameID for identifying the SAML session?
Also, is it possible to have service providers using different NameID formats between them, or do they have to be the same value for it to refer to the same principal?
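Added example, not part of the original question: a sketch of an identity provider that releases a different NameID format and value to each service provider while resolving every one of them back to the same principal. The SP entity IDs, the user record, the key and all function names are constructed for illustration; only the three NameID format URNs and the `SPNameQualifier` attribute come from the SAML 2.0 specification.

```python
import hashlib
import hmac
import xml.etree.ElementTree as ET

SAML_NS = "urn:oasis:names:tc:SAML:2.0:assertion"
UNSPECIFIED = "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"
EMAIL = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
PERSISTENT = "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"

# Constructed sample data: one principal in the IdP's directory, three SPs.
USERS = {"u-1001": {"username": "jdoe", "email": "jdoe@example.org"}}
SP_NAMEID_FORMAT = {
    "https://sp-a.example/metadata": UNSPECIFIED,
    "https://sp-b.example/metadata": EMAIL,
    "https://sp-c.example/metadata": PERSISTENT,
}
PAIRWISE_KEY = b"constructed-demo-key"  # assumption: secret held only by the IdP

def name_id_value(user_id, sp, fmt):
    """Value the IdP releases for this principal to this SP."""
    if fmt == EMAIL:
        return USERS[user_id]["email"]
    if fmt == PERSISTENT:
        # Opaque pairwise ID: stable per (principal, SP), unlinkable across SPs.
        return hmac.new(PAIRWISE_KEY, f"{user_id}|{sp}".encode(), hashlib.sha256).hexdigest()
    return USERS[user_id]["username"]

def build_name_id(user_id, sp):
    """Serialize the <saml:NameID> element placed in the assertion's Subject."""
    fmt = SP_NAMEID_FORMAT[sp]
    el = ET.Element(f"{{{SAML_NS}}}NameID", {"Format": fmt, "SPNameQualifier": sp})
    el.text = name_id_value(user_id, sp, fmt)
    return ET.tostring(el, encoding="unicode")

def resolve_principal(name_id_xml):
    """IdP-side lookup: map a NameID (e.g. from a LogoutRequest) back to the user."""
    el = ET.fromstring(name_id_xml)
    sp, fmt = el.get("SPNameQualifier"), el.get("Format")
    if SP_NAMEID_FORMAT.get(sp) != fmt:
        return None  # format was not agreed with this SP
    for user_id in USERS:
        if hmac.compare_digest(name_id_value(user_id, sp, fmt), el.text or ""):
            return user_id
    return None

if __name__ == "__main__":
    for sp in SP_NAMEID_FORMAT:
        print(resolve_principal(build_name_id("u-1001", sp)), build_name_id("u-1001", sp))
```

In this sketch the local login credential each service provider asks for plays no part: the NameID is whatever the identity provider and that service provider agreed on, and the mapping back to the principal lives at the identity provider.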