MFA and AWS SAML authentication
cantor.2 at osu.edu
Wed May 17 17:52:13 EDT 2017
On 5/17/17, 5:48 PM, "users on behalf of Wessel, Keith" <users-bounces at shibboleth.net on behalf of kwessel at illinois.edu> wrote:
> Our AWS admins asked if I could turn on forced MFA into AWS for specific users. I did this, and AWS didn't like it. Turns out, if you
> send an authn context other than urn:oasis:names:tc:SAML:2.0:classes:ac:password to AWS with your assertion, they reject it.
Hmm, no, they don't, we're doing that.
So...dunno but it's been fine here.
More information about the users