Federation failing with custom authentication scheme due to invalid AuthnContextClassRef value (Doc ID 1645718.1)

Last updated on MARCH 08, 2017

Applies to:

Oracle Identity Federation - Version 11.1.2.2.0 and later
Information in this document applies to any platform.

Symptoms

 When attempting a federation with OAM 11.1.2.2.0 federation services acting as the IdP, the partner rejects the assertion due to an invalid/unexpected value in the AuthnContextClassRef field.  The same federation will work when a default out-of-the-box authentication scheme is used (eg, LDAPScheme)

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms