A third-party app was set to SHA-256 in the relying party trust. It worked fine until one day. Support had us change it back to SHA-1, which worked. The app provider later restarted their service, after which SHA-256 worked again, that is, for some time.
One thing that was observed when it didn't work was that the SAML response doesn't have a full response, in the sense that attributes are not sent over. We have applications that don't have any issues with SHA-256; only this particular one does. ADFS is 3.0.
The vendor thinks it's ADFS not sending over the full SAML response. But the same setting worked when initially set up and also after a service restart on their end. Any insight into where the problem may lie? Could the SAML request be a possible factor?
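To compare a response captured during a working login with one captured during a failure, the following added example (not part of the original post) decodes the base64 `SAMLResponse` form field and reports the status code, whether an assertion is present, the signature and digest algorithms, and the attribute names. The function name is hypothetical and both sample responses are constructed, not captured from ADFS.

```python
import base64
import xml.etree.ElementTree as ET

NS = {
    "samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
}

def summarize_saml_response(b64_response):
    """Summarize a base64 SAMLResponse form field (HTTP-POST binding).
    Diagnostic only: it does not verify the signature."""
    root = ET.fromstring(base64.b64decode(b64_response))
    status = root.find("samlp:Status/samlp:StatusCode", NS)
    return {
        # Last URN component, e.g. "Success" or "Responder"
        "status": None if status is None else status.get("Value", "").rsplit(":", 1)[-1],
        "has_assertion": root.find("saml:Assertion", NS) is not None,
        "signature_methods": [e.get("Algorithm") for e in root.iterfind(".//ds:SignatureMethod", NS)],
        "digest_methods": [e.get("Algorithm") for e in root.iterfind(".//ds:DigestMethod", NS)],
        "attributes": [e.get("Name") for e in root.iterfind(".//saml:Attribute", NS)],
    }

# Constructed samples (not captured traffic); issuer, subject and signature values omitted.
_OPEN = '<samlp:Response xmlns:samlp="%(samlp)s" xmlns:saml="%(saml)s" xmlns:ds="%(ds)s">' % NS
_STATUS = '<samlp:Status><samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:%s"/></samlp:Status>'
FULL = _OPEN + _STATUS % "Success" + (
    '<saml:Assertion><ds:Signature><ds:SignedInfo>'
    '<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>'
    '<ds:Reference><ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/></ds:Reference>'
    '</ds:SignedInfo></ds:Signature>'
    '<saml:AttributeStatement><saml:Attribute Name="email"/></saml:AttributeStatement>'
    '</saml:Assertion></samlp:Response>')
# A response that carries only a status and no assertion, hence no attributes.
ERROR_ONLY = _OPEN + _STATUS % "Responder" + '</samlp:Response>'

def encode(xml_text):
    """Base64-encode XML the way it appears in the SAMLResponse form field."""
    return base64.b64encode(xml_text.encode("utf-8")).decode("ascii")

if __name__ == "__main__":
    for label, xml_text in (("full", FULL), ("error-only", ERROR_ONLY)):
        print(label, summarize_saml_response(encode(xml_text)))
```

A non-`Success` status with no assertion and a `Success` status whose assertion lacks attributes are different failures, so the summary shows which one the "missing attributes" observation actually is.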