Signing SAML Responses and Assertions must be digitally signed. The minimum allowed signature algorithm is RSA-SHA256.