IDP InitiatedSSO - AutnRequest value

I am trying to setup Idp InitiatedSSO. I was trying to debug SAML response sent to Service Provider.
I found that AuthnContextClassRef in Saml reposnse is “urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified”.
But Our requrirement is to be “urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport”.
Can you please help with that

I assume your site is the identity provider and you wish to include an AuthnContextClassRef in the SAML response. You have a couple of options.

The first is to specify an AuthnContext in the section of your SAML configuration (eg saml.config file).


Alternatively, there are SAMLIdentityProvider.InitiateSSO and SAMLIdentityProvider.ReceiveSSO overloads that take an authnContext parameter. If specified, this will be used instead of any configured AuthnContext for the AuthnContextClassRef .

If neither the AuthnContext parameter nor configuration is specified, it defaults to “urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified”.