Supported Formats for SAML Connection Signing Certificate are not Consistent Between Dashboard and Management API

Overview

It is possible to create a SAML connection through the Management API and provide a signing certificate (`options.signingCert`) in one of two formats:

1. a PEM certificate with its newlines encoded.
2. a PEM certificate whose full content (header, body and footer) is base64-encoded into a single string.

However, using the first format may lead to issues if a SAML assertion is received without the public key embedded in it, as the server will expect the signing certificate to always be in the second format.

Applies To

  • SAML Connection
  • Signing Certificate

Cause

It is possible to set the `signingCert` value to a non-encoded certificate and it will work so long as the IdP sends the public key in the response. If the key is not present, then signature validation will fail.

When a non-encoded certificate is uploaded via the Dashboard, it is automatically base64-encoded before being stored, but this does not happen when `signingCert` is set directly via the Management API.

Solution

Ensure that the configured SAML connection is using a base64-encoded signing certificate (the full PEM content encoded as one base64 string), in order to avoid the potential issue of an IdP not sending a public key in the SAML Response.
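The following is an added example (not Auth0's code or part of this article) that covers both the Cause and the Solution above: it classifies an existing `signingCert` value as raw PEM or base64-encoded PEM, converts a raw PEM into the base64 form the server expects, and builds a Management API connection payload with the normalized value. The `strategy`/`signInEndpoint` option names and the `POST /api/v2/connections` endpoint mentioned in the comments are assumptions about the API; `options.signingCert` is the field named in the article. The PEM content is a constructed placeholder, not a real certificate, and nothing is sent over the network.

```python
"""Normalize a SAML signing certificate for the Management API.

Added example, not Auth0's code. Assumes the `options.signingCert` field
from the article; the `strategy`/`signInEndpoint` names and the
POST /api/v2/connections endpoint are assumptions. The PEM below is a
constructed placeholder, not a real X.509 certificate.
"""
import base64
import json

PEM_HEADER = "-----BEGIN CERTIFICATE-----"
PEM_FOOTER = "-----END CERTIFICATE-----"

# Constructed placeholder PEM (the body is not a real certificate).
SAMPLE_PEM = (
    "-----BEGIN CERTIFICATE-----\n"
    "MIIBsampleCERTIFICATEbodyNOTaREALcert0123456789ab\n"
    "cdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ==\n"
    "-----END CERTIFICATE-----\n"
)


def _looks_like_pem(text: str) -> bool:
    """True when the text is a PEM certificate block (header ... footer)."""
    stripped = text.strip()
    return stripped.startswith(PEM_HEADER) and stripped.endswith(PEM_FOOTER)


def classify_signing_cert(value: str) -> str:
    """Return 'pem' (raw, newline-containing PEM), 'base64-pem' (the whole
    PEM encoded as one base64 string, the format the server expects), or
    'unknown' for anything else."""
    if _looks_like_pem(value):
        return "pem"
    compact = "".join(value.split())  # tolerate wrapped/indented base64
    try:
        decoded = base64.b64decode(compact, validate=True).decode("ascii")
    except (ValueError, UnicodeDecodeError):
        return "unknown"
    return "base64-pem" if _looks_like_pem(decoded) else "unknown"


def normalize_signing_cert(value: str) -> str:
    """Return the certificate as base64 of the full PEM content, which is
    what the Dashboard produces and what signature validation relies on
    when the IdP omits the public key from the SAML Response."""
    kind = classify_signing_cert(value)
    if kind == "base64-pem":
        return "".join(value.split())  # already correct; just compact it
    if kind == "pem":
        return base64.b64encode(value.encode("ascii")).decode("ascii")
    raise ValueError("signingCert is neither PEM nor base64-encoded PEM")


def decode_signing_cert(value: str) -> str:
    """Recover the PEM text from a normalized (base64) signingCert value."""
    return base64.b64decode("".join(value.split()), validate=True).decode("ascii")


def build_connection_payload(name: str, signing_cert: str, sign_in_endpoint: str) -> dict:
    """Body for creating a SAML connection (assumed: POST /api/v2/connections).
    `strategy` and `signInEndpoint` are assumed option names; `signingCert`
    is always stored in the normalized base64 form."""
    return {
        "name": name,
        "strategy": "samlp",
        "options": {
            "signInEndpoint": sign_in_endpoint,
            "signingCert": normalize_signing_cert(signing_cert),
        },
    }


if __name__ == "__main__":
    print("input format:", classify_signing_cert(SAMPLE_PEM))
    payload = build_connection_payload(
        "example-saml", SAMPLE_PEM, "https://idp.example.test/sso"  # constructed
    )
    print("stored format:", classify_signing_cert(payload["options"]["signingCert"]))
    print(json.dumps(payload, indent=2))
```

Run `classify_signing_cert` against the `options.signingCert` value of each existing connection to find ones that still hold a raw PEM; `normalize_signing_cert` is idempotent, so it is safe to apply to values that are already encoded.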
