SAML authentication provider enhancements
To help troubleshoot SAML authentication issues, administrators now have the ability to regenerate certificates and change the responseSkew value in the user interface. SAML encryption certificates can periodically expire and should be regenerated regularly to maintain security. The responseSkew value may need to be edited if your Learn server is in a different time zone than the Identity Provider's server. The time difference can cause SAML assertions to expire before users are properly authenticated.