Hi @EAA SQA
Thanks for reaching out to Microsoft Q&A.
Yes, Entra ID (former Azure AD) does support Single Sign Out for SAML applications.
The documentation below has the flow and the details about how the communication between the app and Entra occurs after user clicks on "sign out" button. The certificate used is the token signing one which is created when the Application object is added on Entra ID:
https://learn.microsoft.com/en-us/entra/identity-platform/single-sign-out-saml-protocol
You'll find more information about the sign in certificate in the documentation below:
https://learn.microsoft.com/en-us/entra/identity/enterprise-apps/certificate-signing-options
Let me know if you have further questions.
Thanks,
Fabio