Thanks for reaching out. The IDP uses the SHA1 algorithm for signing the SAML Response by default. We’ll add a configurable option to the app settings where you can change the signing algorithm to SHA256. Can you please send us an email with the feature request at email@example.com? This way we can keep you posted on the progress of this feature.