The same behavior is observed using AD FS as the IdP - the SAML response specifies the entity ID as the audience.