SSO with SAML 2.0 and Windows Hello

0
We are using SAML2.0 module for authentication on several Mendix apps. Worked fine until users started using ‘Windows Hello for business’ (Multifactor) to log on to their devices.  Whenever a user starts the Mendix application it redirects to the identity provider (AzureAD) the message below is displayed: AADSTS75011: Authentication method 'X509, MultiFactor' by which the user authenticated with the service doesn't match requested authentication method 'Password, ProtectedTransport, InternetProtocolPassword, SecureRemotePassword'. However this method is not one of the options shown in the SSO configuration. I came across this Microsoft page which mentioned the error: https://docs.microsoft.com/en-us/troubleshoot/azure/active-directory/error-code-aadsts75011-auth-method-mismatch. But I am not sure how to solve this. Anyone knows how I can add the correct Authentication method or skip the context at all as mentioned in the microsoft docs?        
asked
1 answers
4

Is it necessary to enforce a specific method? Leaving the Authentication method empty should work fine.

answered