Encryption algorithm configured for the IdP entity are not used when encrypting (parts) of the SAML response.
- Configure some AM as SAML SP
- Configure AM as SAML IdP (in sub-realm) in some circle of trust (standalone mode)
- Exchange meta data to establish trust
- Configure IdP entity specific encryption algorithm to be different from global Common Federation Configuration (see attached screenshots)
- Enable NameId encryption
- Perform SAML SP-initiated SSO flow