The PCS devices are capable of acting as a SAML entity, i.e. an Identity Provider (IdP) and Service Provider (SP), based on SAML 2.0 standards.
In SAML 2.0 there is also option available for the Single Logout functionality, wherein a user session from multiple Service Providers/ Applications, authenticated by an Identity Provider, can be logged out at once from any one of the applications. (Depends of the implementation)
For this to work, SAML uses an attribute in the Authn Statement named "SessionIndex
On the PCS devices, in current software release, we do support Single Logout Service while the device is configured as a Service Provider.
However, we do not support the same for the device being configured as an Identity Provider entity.
And since we do not support the Single Logout service as an Identity Provider, we do not send the 'SessionIndex' attribute in any assertions that we send to any application/Service Provider. If the Service Provider/Application mandates the SessionIndex attribute in the assertion, then the authentication or the SSO to the application would fail.