[Access] Document SAML assertion encryption

[asamborski]

Summary

Documents SAML assertion encryption support for Cloudflare Access identity provider integrations. This feature allows administrators to encrypt SAML assertions from their IdP to Access, protecting identity data from browser extensions or client-side malware after TLS termination.

• Added "Encrypt SAML assertions" section to the generic SAML IdP page with setup steps, supported algorithms, and certificate rotation instructions
• Added Access changelog entry for the feature
• Updated the "Optional configurations" intro to reflect the broader scope of available options

Documentation checklist

• Is there a changelog entry (guidelines)? If you don't add one for something awesome and new (however small) — how will our customers find out? Changelogs are automatically posted to RSS feeds, the Discord, and X.
• The change adheres to the documentation style guide.

[cloudflare-docs-bot]

Review

⏸️ Automatic reviews for this PR are paused.

This PR has already received 2 automatic reviews. To run another review, a codeowner can comment /review or /full-review.

Tip: Keep PRs in draft mode until they are ready for review — the bot skips draft PRs automatically.

---

✅ No style-guide issues found in commit 3edef62.

Commands

Only codeowners can run commands. Post a comment with the command to trigger it.

Command	Description
/review	Runs a review now. Incremental if a prior review exists, full if not.
/full-review	Re-reviews the entire PR diff from scratch, ignoring incremental history. Useful after a rebase, when you want a fresh review, or if the bot gets out of sync and reports issues that no longer exist.