This article provides information on configuration needed on SAML Auth server instance on the PCS device to accept the Windows Hello authentication performed by Azure IDP.
Problem or Goal
Users using Windows Hello authentication with Windows 10 to authenticate with Azure IDP and when users tries to access PCS signin in URL which is mapped to SAML Auth server instance the authentication might fail with the error below:
Sign in Sorry, but we’re having trouble with signing you in.
AADSTS75011: Authentication method 'X509, MultiFactor' by which the user authenticated with the service doesn't match requested authentication method 'Password, ProtectedTransport'.
Cause
Solution
Please follow the steps below:
1. Navigate to Authentication > Auth servers > Open the SAML Auth server.
2. Navigate to "Select Requested Authn Context Classes to be sent in the AuthRequest:" Choose unspecified from available pane to selected pane as shown below:
