I am unable to get signed SAML assertions working with Auth0 as the SAML IdP. The documentation below recommends having both a public cert and a key in the rule to sign the SAML assertions.
Here is the example rule that seems to have a public cert and a key. I believed there was only one public cert for a tenant. Is there any difference between a public cert and a public key? This doesn't make any sense, and the documentation gives little help with this piece of code.
function (user, context, callback) {
  // Make sure the SAML configuration object exists before setting properties on it.
  context.samlConfiguration = (context.samlConfiguration || {});
  // PEM-encoded public key and certificate, passed as strings with \n line breaks.
  context.samlConfiguration.encryptionPublicKey = "-----BEGIN PUBLIC KEY-----\nMIGf...bpP/t3\n+JGNGIRMj1hF1rnb6QIDAQAB\n-----END PUBLIC KEY-----\n";
  context.samlConfiguration.encryptionCert = "-----BEGIN CERTIFICATE-----\nMII...u84\n-----END CERTIFICATE-----\n";
  callback(null, user, context);
}