The application server must conform to Federal Identity, Credential, and Access Management (FICAM)-issued profiles.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-204809 | SRG-APP-000405-AS-000250 | SV-204809r981696_rule | CCI-004085 | medium |
| Description | ||||
| Without conforming to FICAM-issued profiles, the information system may not be interoperable with FICAM-authentication protocols, such as SAML 2.0 and OpenID 2.0. This requirement addresses open identity management standards. | ||||
| STIG | Date | |||
| Application Server Security Requirements Guide | 2025-02-11 | |||
Details
Check Text (C-204809r981696_chk)
Review the application server documentation and configuration to determine if the application server conforms to FICAM-issued profiles.
If the application server does not conform to FICAM-issued profiles, this is a finding.
Fix Text (F-4929r283069_fix)
Configure the application server to conform to FICAM-issued profiles.