we’ve stumbled across a bit strange behaviour during working with Azure SAML SSO integration. We’ve configured RocketChat and everything worked smooth but recently we’ve enabled so called Azure Password less auth and this type of auth does not work with standard SAML SSO config in RocketChat. We’ve found the similar problem in SAML AuthnContextClassRef value (https://github.com/RocketChat/Rocket.Chat/issues/2770#issuecomment-344082039) -> Azure password less wants “Multifactor” but RocketChat only have PasswordProtectedTransport in ‘programs/server/packages/steffo_meteor-accounts-saml.js’
Is there any beautiful way to resolve this issue?
We have one but not sure it’s ok - we added “Unspecified” scheme and SSO worked.