After upgarde from version 2.4.0 to 2.7.0 the SAML SSO stopped working. Why is this so ?

Document ID : KB000013147
Last Modified Date : 14/02/2018
Show Technical Document Details
Introduction:

Sometimes a working SSO configuration for login to PAM that you were using in 2.4 no longer work when upgrading to 2.5 or later

Question:

I have recently upgraded my CA PAM to 2.6. Previously it was in 2.4.4. The upgrade process went just fine. However, I had a working SSO configuration that no longer works now. Why is this so ?

Answer:

Starting CA PAM 2.5, the SAML1.1 protocol is no longer supported and SAML2 needs to be used. 

CA PAM 2.5 Release Notes

You need to make sure that you are creating your assertion in this supported format and that this is updated in your IdP machine.

So you may want to redefine the protocol at the IdP and if necessary export the IdP metadata, upload it in CA PAM, download the SP metadata from PAM and upload it to your IdP provider

Additional Information:

How to configure CA PAM/SAML/SSO - TEC1911748