SSO/PAM Integration via SAML: The AuthnRequest with AuthnContexts is not supported

Document ID : KB000115459
Last Modified Date : 20/09/2018
Show Technical Document Details
Issue:
After configuring CA Single Sign On and CA Privileged Access Manager integration via SAML.  The user is getting authenticated and saml2sso is processing the authnrequest generated by PAM, however, the Policy Server is not generating an assertion and logging the following error:

The AuthnRequest with AuthnContexts is not supported!
Cause:
The Policy Server is unable to process the requested authncontext sent by the PAM Service Provider.
Resolution:
On the SSO & SLO tab of the Partnership, select the Ignore RequestedAuthnContext checkbox.
Additional Information:
Please note this solution applies to any situation in which the Policy Server is producing this error.  This solution is not confined to CA PAM integration.