Are AAD instance ready for folks to make production use of the /saml2 interface?
(Last time I asked, months ago, it was all dodgy.)
Can I assume that the saml2 endpoints are optionally protocol converters, sending on a w's-fedp request to a ws-fedp IDP (including an ADFS associated with a custom domain)?
I would love to dump our aging Ping Identity saml2 servers and use AAD as the protocol converter, instead, for the few SAML2 RPs we interact with.