I am using Azure/Entra ID as the IdP for my AWS account and federating via AWS Identity Center. I would like to pass the ‘Authentication Method Reference’ from Azure to Identity Center as a session tag to be able to use MFA status to protect resources in AWS.
Azure allows passing Claim tokens in the SAML token but I don’t see these in the session. Also, there doesn’t seem to be any mechanism for passing the authnmethodsreferences attribute as a session tag / claim in the SAML token.
Any suggestions?
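As an added example (not part of the post above, and not AWS or Microsoft code), the script below parses a constructed SAML assertion and separates the attributes IAM Identity Center reads as attributes for access control (the documented `https://aws.amazon.com/SAML/Attributes/AccessControl:<Key>` name prefix) from attributes it leaves untouched, such as the `authnmethodsreferences` claim under its native name. It assumes the Entra claim name `http://schemas.microsoft.com/claims/authnmethodsreferences` and the MFA value `http://schemas.microsoft.com/claims/multipleauthn`; the sample assertion, issuer and user are constructed. Running it against a real assertion captured from the browser (for example with a SAML tracer) shows whether the MFA claim is actually arriving and, if so, under which attribute name, which is the first thing to check before expecting it as a principal tag.

```python
import xml.etree.ElementTree as ET

SAML_NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
# Attribute-name prefix IAM Identity Center reads for "attributes for access control" (ABAC).
ACCESS_CONTROL_PREFIX = "https://aws.amazon.com/SAML/Attributes/AccessControl:"
# Entra ID claim carrying the authentication method references (assumed name).
AMR_CLAIM = "http://schemas.microsoft.com/claims/authnmethodsreferences"
# Value Entra places in that claim when multi-factor auth was performed (assumed value).
MFA_VALUE = "http://schemas.microsoft.com/claims/multipleauthn"

# Constructed sample assertion: the amr claim is present under its native name, and one
# attribute uses the AWS access-control prefix. Signature and Conditions are omitted.
SAMPLE_ASSERTION = """<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
    ID="_constructed-sample" Version="2.0" IssueInstant="2024-01-01T00:00:00Z">
  <saml:Issuer>https://sts.windows.net/TENANT-ID-PLACEHOLDER/</saml:Issuer>
  <saml:Subject><saml:NameID>user@example.com</saml:NameID></saml:Subject>
  <saml:AttributeStatement>
    <saml:Attribute Name="http://schemas.microsoft.com/claims/authnmethodsreferences">
      <saml:AttributeValue>http://schemas.microsoft.com/claims/multipleauthn</saml:AttributeValue>
      <saml:AttributeValue>http://schemas.microsoft.com/ws/2008/06/identity/authenticationmethod/password</saml:AttributeValue>
    </saml:Attribute>
    <saml:Attribute Name="https://aws.amazon.com/SAML/Attributes/AccessControl:Department">
      <saml:AttributeValue>Finance</saml:AttributeValue>
    </saml:Attribute>
  </saml:AttributeStatement>
</saml:Assertion>"""


def parse_attributes(assertion_xml: str) -> dict[str, list[str]]:
    """Return {attribute name: [values]} from the assertion's AttributeStatement."""
    root = ET.fromstring(assertion_xml)
    attrs: dict[str, list[str]] = {}
    for attr in root.iterfind(".//saml:AttributeStatement/saml:Attribute", SAML_NS):
        name = attr.get("Name", "")
        values = [(v.text or "").strip() for v in attr.iterfind("saml:AttributeValue", SAML_NS)]
        attrs.setdefault(name, []).extend(values)
    return attrs


def access_control_tags(attrs: dict[str, list[str]]) -> dict[str, str]:
    """Attributes Identity Center maps to principal tags: strip the prefix, keep the first value."""
    return {
        name[len(ACCESS_CONTROL_PREFIX):]: (values[0] if values else "")
        for name, values in attrs.items()
        if name.startswith(ACCESS_CONTROL_PREFIX)
    }


def ignored_attributes(attrs: dict[str, list[str]]) -> list[str]:
    """Attribute names that do not carry the prefix and so never become session tags."""
    return sorted(name for name in attrs if not name.startswith(ACCESS_CONTROL_PREFIX))


def mfa_asserted(attrs: dict[str, list[str]]) -> bool:
    """True when the amr claim (under its native name) says MFA was performed."""
    return MFA_VALUE in attrs.get(AMR_CLAIM, [])


def principal_tag_condition(tags: dict[str, str]) -> dict:
    """IAM Condition block matching the tags Identity Center would attach to the session."""
    return {"StringEquals": {f"aws:PrincipalTag/{key}": value for key, value in tags.items()}}


if __name__ == "__main__":
    parsed = parse_attributes(SAMPLE_ASSERTION)
    print("MFA asserted by IdP:", mfa_asserted(parsed))
    print("Becomes principal tags:", access_control_tags(parsed))
    print("Present but not mapped to tags:", ignored_attributes(parsed))
    print("Usable policy condition:", principal_tag_condition(access_control_tags(parsed)))
```

With the constructed assertion the report shows that MFA was asserted by the IdP but only `Department` reaches the session as a tag; the amr claim is visible in the assertion yet not under a name Identity Center maps, which matches the behaviour described in the post. Any policy condition on `aws:PrincipalTag/...` should be written against the keys this function reports, not against the raw claim names.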