Dual Signing and Encryption custom certs support on SSO SAML connections

Problem statement

We use custom certs to sign and encrypt SAML requests and responses. We have security requirements to renew the cert every 2-5 years. We want to give ourselves and the customers the ability to gradually change to new certs in their timelines instead of long planning and scheduling with customers. This is where dual cert capability can help, and the last time I inquired, Auth0 didn’t support it. Is this still the case? Any recommendations here? Thanks.

Solution

We don’t properly support the rotation of certificates used to sign responses in user source connections, for example, interactions in which Auth0 is a SAML Service Provider.