...
target
(URL) (Version 2.4 and Above)- Allows the resources to return to after SSO to be "locked" to a specific value, even when running as a result of active protection of other resources. In other words, this value overrides the actual resource location when SSO redirection is automatic, including initial access and after a timeout.
signing
(see NativeSPSigningEncryption) (Version 2.6 and Above)- Controls outbound signing of XML messages.
encryption
(see NativeSPSigningEncryption) (Version 2.6 and Above)- Controls outbound encryption of XML messages and content.
...
SAML2 SessionInitiator (Protocol Handler)
...