This article describes how to enable support for the SHA-256 digest algorithm for Security Assertion Markup Language (SAML) AuthnRequests sent to external Identity Providers (IdPs).
The feature allows administrators to select SHA-256 as the digest algorithm for SAML authentication requests, which helps organizations using external IdPs meet security compliance requirements.
- SAML 2.0 Identity Providers
- Early Access (EA) features
- External IdP configurations
To configure the digest algorithm for an external SAML Identity Provider, perform the following steps:
- In the Okta Admin Console, navigate to Security > Identity Providers.
- Locate the desired SAML 2.0 IdP and select Edit.
- Scroll to the Request Digest Algorithm section.
- Select SHA-256 from the dropdown menu.
- Select Save.
NOTE: This is an Early Access (EA) feature. If the SHA-256 option is not visible, ensure that the feature is enabled under Settings > Features in the Okta Admin Console.
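To confirm the setting took effect, the following added example (not Okta code) decodes a captured `SAMLRequest` value and reports the digest algorithm it declares. It assumes the AuthnRequest is signed and sent with the HTTP-POST binding, so the XML carries a `ds:Signature` element; the sample request and the function names are constructed for illustration.

```python
import base64
import xml.etree.ElementTree as ET

DS = "{http://www.w3.org/2000/09/xmldsig#}"
SHA256_DIGEST = "http://www.w3.org/2001/04/xmlenc#sha256"
SHA1_DIGEST = "http://www.w3.org/2000/09/xmldsig#sha1"

# Constructed sample AuthnRequest; digest and signature values are placeholders.
SAMPLE_TEMPLATE = (
    '<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
    'ID="id_constructed" Version="2.0" IssueInstant="2024-01-01T00:00:00Z">'
    '<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:SignedInfo>'
    '<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>'
    '<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>'
    '<ds:Reference URI="#id_constructed"><ds:DigestMethod Algorithm="{digest}"/>'
    '<ds:DigestValue>PLACEHOLDER</ds:DigestValue></ds:Reference></ds:SignedInfo>'
    '<ds:SignatureValue>PLACEHOLDER</ds:SignatureValue></ds:Signature>'
    '</samlp:AuthnRequest>'
)

def build_sample_request(digest_uri):
    """Return a base64 SAMLRequest as it would appear in an HTTP-POST form field."""
    xml = SAMPLE_TEMPLATE.format(digest=digest_uri)
    return base64.b64encode(xml.encode("utf-8")).decode("ascii")

def digest_algorithms(saml_request_b64):
    """Return every ds:DigestMethod Algorithm URI found in the request."""
    compact = "".join(saml_request_b64.split())  # tolerate wrapped base64
    xml_bytes = base64.b64decode(compact, validate=True)
    # A SAML message never needs a DTD; refuse one before parsing.
    if b"<!DOCTYPE" in xml_bytes or b"<!ENTITY" in xml_bytes:
        raise ValueError("DTD not allowed in a SAML message")
    root = ET.fromstring(xml_bytes)
    return [el.get("Algorithm") for el in root.iter(DS + "DigestMethod")]

def uses_sha256_digest(saml_request_b64):
    """True only if the request is signed and every digest is SHA-256."""
    algs = digest_algorithms(saml_request_b64)
    return bool(algs) and all(a == SHA256_DIGEST for a in algs)

if __name__ == "__main__":
    for uri in (SHA1_DIGEST, SHA256_DIGEST):
        req = build_sample_request(uri)
        print(digest_algorithms(req), "->", uses_sha256_digest(req))
```

With the HTTP-Redirect binding the signature travels in the `SigAlg` and `Signature` query parameters instead, so the decoded XML contains no `ds:DigestMethod` and this check reports `False`.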
