Certificates - allows you to add a second certificate. Used when you need to change a server certificate on AD and want to minimise downtime for your users.
Advanced - Allows you to make several changes that are rarely necessary:
- switch between SAML versions should you
- have a source that can only handle the older SAML 1 profile
- switch the profile from Redirect to Post if your source insists on it
- enable signing of authentication requests (SHA-1 or SHA-256)
- if your source requires it
- enable the SAML
forceAuthnoption (forces your local source to re-authenticate any time the user is sent there - e.g. where users can have multiple affiliations within a consortium and your SAML source's session management makes it difficult for them to change).
Anything to watch out for?