SAML features on FIPS devices will work in the following scenarios:
When configuring the PCS as a Consumer/ServiceProvider:
To do this, configure a SAML Auth server on the PCS:
- All SAML1.1 configurations will work.
- The SAML2.0 configuration will work only if the signing and encryption of assertions is disabled (to do this, set the Select Device Certificate for Signing and Select Device Certificate for Encryption options to Not Applicable).

When configuring PCS as an IdentityProvider/Producer:
To do this, configure a SAML SSO policy on the PCS under
Resource Policies > Web > SAML SSO.
- SAML 1.1 will work only in Artifact Profile. POST profile is currently not supported.
- SAML 2.0 will work only in Artifact Profile. POST profile is currently not supported.
