I did a bit of reading and it doesn’t seem like there is a standard way to pass a SAML header in a REST request. See this stackoverflow question: https://stackoverflow.com/questions/14567198/is-there-a-standard-for-using-saml-tokens-with-restful-services
The REST service you are calling should provide information about how to send this, but it seems that you’ll include an Authorization header something like this:
Authorization: SAML bearer="PEVuY3J5cHRlZEFzc2VydGlvbiAuLi4="
In a REST action in your microflow, here is where you add an Authorization header:
Hope that helps,