Right. So I misunderstood your original question. The short answer - I believe you can't/shouldn't (just use a password/certificate).
SAML is essentially a signed token that the IDP give the user agent to pass onto the SP (ONTAP).
*taken from Wikipedia.
If your IDP happy to give the token to your script - which will still likely require you to authenticate to the IDP (with a password)?, and your script module can process the JS script the IDP returns to redirect you into the ONTAP login and ONTAP accepts it, that all might work...
But I think none of these will happen. The IDP will not authenticate a non-browser, the script module will not process the JS, and the NetApp login will not accept SAML token on the ZAPI site.