I noticed the signing certificate that Auth0 issues for SAML assertion signing is SHA-1 (see attached image). Is there any way to make this SHA-256? I’m using the certificate at: https://DOMAIN.auth0.com/pem ![alt text]
To clarify, I’m trying to use my Auth0 client as an SP for an ADFS with SAML. I was under the impression that the best way to do this is to use a SAMLP Identity Provider (under Enterprise connections).
Regardless of whether this is configurable, I’m surprised Auth0 would default to SHA-1, when it’s no longer considered a secure, and major vendors are set to stop accepting SHA-1 certificates altogether by 2017.