Audit logs, MFA, and SSO sessions

Clay Cooper Clay.Cooper at
Wed Sep 1 22:41:23 UTC 2021

The audit log is capable of logging if the session was generated from and existing SSO session by adding %SSO to the audit log format. When the IdP is configured to not favor SSO (which is the default in at least >=4.0) so that the MFA authn handler can run each time, that SSO field in the audit logs always reports "false".

Is there a strategy on getting the log to properly reflect the reuse of an SSO session in this configuration?

Clay Cooper
Software/Systems Design Engineer Technical Specialist
Information and Technology Services
Finance & Administration
Rochester Institute of Technology

CONFIDENTIALITY NOTE: The information transmitted, including attachments, is intended only for the person(s) or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and destroy any copies of this information.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the users mailing list