Create an option to not store SAML/OIDC tokens in session
By default we store the SAML token in session, which can be used to forward this token to protected applications. But this is not a wide usage, and the token makes sessions very heavy.
I think we should have an option to be able to choose if we want the token in session. We should do the same for OIDC tokens.