On 5/3/19, 3:07 PM, "users on behalf of Zunan Dong" <users-bounces at shibboleth.net on behalf of zunan.dong at utoronto.ca> wrote: > Thanks, Scott. A further question, if IdP returns a SAML assertion with > MFA authn context in it, how do I verify it actually uses MFA and meets > the requirement in the MFA document? I don't understand the question. -- Scott