AuthnRequest contains an exact RequestedAuthnContext, can we override?

Mark McCoy Mark.McCoy at
Mon Nov 14 20:41:29 UTC 2022

Integrating a new SP and the application owner requested MFA for this service. We did what we normally do, which is to put a defaultAuthenticationMethods property with the auth context set to "" in a relying party override.

Surprise! The vendor has a RequestedAuthnContext with the "exact" comparison property set to the Password context.

Looking at it looks like we can't override this on our end. Are we at their mercy or is there an alternative?

Mark McCoy

Manager, Enterprise Collaboration Services

The University of Texas at San Antonio

University Technology Solutions

One UTSA Circle

San Antonio, TX 78249-3209

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the users mailing list