This severity level implies that the process has completely shut down and no further action is possible.
This is a significant flaw that causes the system to fail. However, certain parts of the system remain functional.
This flaw results in unfavorable behavior but the system remains functioning.
This type of flaw won’t cause any major breakdown in the system.
List of identified issues in this category (click on the title to show details)
MyAcademicID requires several attributes to be released. If your identity provider doesn't release them, you won't be able to log in. You can perform a test on https://myacademicid.devtest.eduteams.org/sp/ to see which attributes are missing. You can also use a browser extension, like SAML-tracer, to debug and see what exactly your identity provider is sending to MyAcademicID.
Your identity provider should release all required attributes.
Shared in email correspondence with providers.
This issue might be relevant to you if you use CAS (https://github.com/apereo/cas). Version 6.6.8 introduced a bug where the Address in the SubjectConfirmationData started to contain hostname instead of IP address, which violates SAML2 specification and breaks the integration with MyAcademicID. Up to version 6.6.7, this attribute wasn't sent at all, which was OK because it is optional.