Administration Console Online Help
This page has additional attributes for the Single Negotiate Identity Assertion provider:
Base64DecodingRequired—Specifies whether the request header value or cookie value must be Base64 Decoded before it is sent to the Identity Assertion provider. This box is checked by default for purposes of backward compatibility; however, most Identity Assertion providers will uncheck this box.
Configuring a Single Pass Negotiate Identity Assertion Provider