Auth token signing via Golden SAML