SAML features on FIPS devices will work in the following scenarios:When configuring the PCS as a Consumer/ServiceProvider
To do this, configure a SAML Auth server on the PCS:
- All SAML1.1 configurations will work.
When configuring PCS as an IdentityProvider/Producer
- The SAML2.0 configuration will work only if the signing and encryption of assertions is disabled (to do this, set the Select Device Certificate for Signing and Select Device Certificate for Encryption options to Not Applicable).
To do this, configure a SAML SSO policy on the PCS under Resource Policies > Web > SAML SSO
- SAML 1.1 will work only in Artifact Profile. POST profile is currently not supported.
- SAML 2.0 will work only in Artifact Profile. POST profile is currently not supported.