Description: When configuring SAML as an authentication method for Access Server with Microsoft Azure as the IdP, you may encounter the error below:
AADSTS75011: Authentication method 'X509, MultiFactor' by which the user authenticated with the service doesn't match requested authentication method 'Password, ProtectedTransport'
Note: The error message example above displays 'X509, MultiFactor,' as an AuthContext combination. If you have an error message with other AuthContext values, this article is also applicable to you.
If you face the above error, please follow the below instructions to fix your issue:
- Sign in to the Admin Web UI.
- Click Authentication > SAML.
- Set "Send AuthnContext in AuthNRequest to indicate authentication methods" to NO.
- Click Save Settings and Update Running Server.
- Retry SAML authentication via Azure again and your issue should be resolved.
If you have additional questions, please submit a ticket.