Page tree

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.


The requested LoA is seen as a minimum LoA. The Strong Authentication gateway The SURFsecureID gateway can perform authentication at a higher LoA, in which case the higher level will be expressed in the returned SAML Assertion.

The requested LoA is passed to the Strong Authentication gateway the SURFsecureID gateway in an AuthnContextClassRef element in a RequestedAuthnContext element in the SAML AuthnRequest:


Authentication failure

When authentication fails, it is generally because the user: