Use this guide to enable "Authenticated Users" to use the private certificate key stored on the IIS server to sign messages, which is necessary to sign and encrypt outgoing messages (i.e. SAML and WS-Federation Assertions).
1. Have access to the Certificates Console of the SecureAuth IdP appliance
2. Have a certificate to be used by SecureAuth IdP