2FA exemption not possible

At login, the 2FA exemption does not work, even though you have set the Password authentication context or PasswordProtectedTransport as a backup in the Zivver single sign-on (SSO) settings.

Cause

For unknown reasons, Entra SSO lists Unspecified as the authentication context in the SAML response. The system expects Entra ID to support Password.

Solution

Add urn:oasis:names:tc:SAML:2.0:ac:classes:Unspecified to the 2FA exemptions in the SSO settings.