As for SAML, the need is not for interactive logins. The need to use STS
is for API access back into our environment. How do you protect secrets
used to access APIs from their AEM applications? If you use
cryptosupport how do you determine if a developer or Adobe support
person has accessed or compromised that secret?