I am looking for some information on Auth0’s support for SAML as a service provider (not as an identify provider). Looking through the docs I found some good info, but still have a few questions. Does the service provider implementation support:
- Protection against replay attacks
- Validation of assertion timestamps
- Validation of client IP address consistency
Any help would be greatly appreciated.