saml-session not setting secure attribute.

Hello, we are on Core 3.1 using the SAML 2.1.0 library with IS4, we host on IIS.

You can see here via /SAML/AssertionConsumerService the sam-session cookie did not set its secure flag. This is on Chrome Version 79.0.3945.117 (Official Build) (64-bit)

Do we need to update our SAML library?

Possibly. Please contact including what the version is that you’re using.