Update howto-enforce-signed-saml-authentication.md

Author: rahul-nagraj

articles/active-directory/manage-apps/howto-enforce-signed-saml-authentication.md

@@ -33,7 +33,7 @@ If enabled Azure Active Directory will validate the requests against the public
 > [!NOTE] 
 > A `Signature` element in `AuthnRequest` elements is optional. If `Require Verification certificates` is not checked, Azure AD does not validate signed authentication requests if a signature is present. Requestor verification is provided for by only responding to registered Assertion Consumer Service URLs.
 
->  If `Require Verification certificates` is checked, SAML Request Signature Verification will work for SP-initiated(service provider/relying party intiaited) authentication requests only. Only the application configured by the service provider will have the access to to the private and public keys for signing the incoming SAML Authentication Reqeusts from the applicaiton. 
+>  If `Require Verification certificates` is checked, SAML Request Signature Verification will work for SP-initiated(service provider/relying party initiated) authentication requests only. Only the application configured by the service provider will have the access to to the private and public keys for signing the incoming SAML Authentication Reqeusts from the applicaiton. The public key should be uploaded to allow the verification of the request, in which case AAD will have access to only the public key.
 
 > Enabling `Require Verification certificates` will not allow IDP-initiated authentication requests (like SSO testing feature, MyApps or M365 app launcher) to be validated as the IDP would not possess the same private keys as the registered applicaiton.