diff --git a/sample-config-advanced.json b/sample-config-advanced.json index e83854e6..34a17c8c 100644 --- a/sample-config-advanced.json +++ b/sample-config-advanced.json @@ -209,6 +209,7 @@ }, "saml": { "_callbackurl": "https://server/auth-saml-callback", + "_disableRequestedAuthnContext": true, "newAccounts": true, "_newAccountsUserGroups": [ "ugrp//xxxxxxxxxxxxxxxxx" ], "entityid": "meshcentral", diff --git a/translate/translate.json b/translate/translate.json index 7413221c..b911ad72 100644 --- a/translate/translate.json +++ b/translate/translate.json @@ -31268,4 +31268,4 @@ ] } ] -} +} \ No newline at end of file diff --git a/webserver.js b/webserver.js index dfe20180..61610964 100644 --- a/webserver.js +++ b/webserver.js @@ -4541,6 +4541,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) { path: (typeof domain.authstrategies.saml.callbackurl == 'string') ? domain.authstrategies.saml.callbackurl : (url + 'auth-saml-callback'), entryPoint: domain.authstrategies.saml.idpurl, issuer: 'meshcentral' }; + if (domain.authstrategies.saml.disablerequestedauthncontext != null) { options.disableRequestedAuthnContext = domain.authstrategies.saml.disablerequestedauthncontext; } parent.debug('web', 'Adding SAML SSO with options: ' + JSON.stringify(options)); if (typeof domain.authstrategies.saml.entityid == 'string') { options.issuer = domain.authstrategies.saml.entityid; } options.cert = cert.toString().split('-----BEGIN CERTIFICATE-----').join('').split('-----END CERTIFICATE-----').join(''); 
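Review bot: In the SAML hunk of webserver.js (4541) the new line forwards `disablerequestedauthncontext` whenever it is not null, so a mistyped config value such as the string `"false"` is passed to the strategy as given and would presumably be treated as truthy. The neighbouring settings are type-checked with `typeof ... == 'string'`, and this one should be guarded the same way: `if (typeof domain.authstrategies.saml.disablerequestedauthncontext == 'boolean') { options.disableRequestedAuthnContext = domain.authstrategies.saml.disablerequestedauthncontext; }`. Since the option changes what the service provider asks of the IdP, I would also add a comment above it, e.g. `// When true, no RequestedAuthnContext is sent; the IdP's own policy decides how the user authenticates.` The same guard applies to the line added in the Intel hunk at 4583. The enclosing block starts and ends outside the hunk.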
@@ -4582,6 +4583,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) { path: (typeof domain.authstrategies.intel.callbackurl == 'string') ? domain.authstrategies.intel.callbackurl : (url + 'auth-intel-callback'), entryPoint: domain.authstrategies.intel.idpurl, issuer: 'meshcentral' }; + if (domain.authstrategies.saml.disablerequestedauthncontext != null) { options.disableRequestedAuthnContext = domain.authstrategies.saml.disablerequestedauthncontext; } parent.debug('web', 'Adding Intel SSO with options: ' + JSON.stringify(options)); if (typeof domain.authstrategies.intel.entityid == 'string') { options.issuer = domain.authstrategies.intel.entityid; } options.cert = cert.toString().split('-----BEGIN CERTIFICATE-----').join('').split('-----END CERTIFICATE-----').join('');
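Review bot: The line added to the Intel block reads `domain.authstrategies.saml.disablerequestedauthncontext`, while every other line in this hunk reads from `domain.authstrategies.intel`; this looks like a copy-paste slip from the SAML hunk. If a domain configures the Intel strategy without a `saml` section, `domain.authstrategies.saml` would presumably be undefined and the property access would throw while the web server is being set up. If both are configured, the SAML setting silently alters the Intel strategy's authentication request. The line should read `if (typeof domain.authstrategies.intel.disablerequestedauthncontext == 'boolean') { options.disableRequestedAuthnContext = domain.authstrategies.intel.disablerequestedauthncontext; }`. The enclosing block continues outside the hunk.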