At login, 2FA exemption does not function. But you set the ‘Password’ authentication context or ‘PasswordProtectedTransport’ as back-up in the Zivver single sign-on (SSO) settings.

Cause

The Entra SSO actually lists Unspecified as the authentication context in the SAML response for unknown reasons. The expectation is that Entra ID can support ‘Password’.

Solution

Add urn:oasis:names:tc:SAML:2.0:ac:classes:Unspecified to 2FA exceptions in the SSO settings.