Group SAML test button should provide information from SAML response
Display SAML response and highlight NameID when using the Test button from the Group SAML settings page.
Possibly also discourage NameIDs that are emails, usernames or otherwise not randomly generated and persistent. This could be done by expecting a NameIdFormat of
persistent with high entropy. If doing so we should also discourage changing NameID configuration if there are existing users linked.
Extracted from #33464
We could do more to help customers during the initial setup, both to familiarize them with the relevant parts of the SAML response as well as to help them avoid NameIDs that could cause problems later on.