Thanks for reaching out. The IDP uses the SHA1 algorithm for signing the SAML Response by default. We’ll add a configurable option to the app settings where you can change the signing algorithm to SHA256. Can you please send us an email with the feature request at firstname.lastname@example.org? This way we can keep you posted on the progress of this feature.