We may need to have support for SAML clients on the server side, so that SAML client has a way to send SAML request to the Keycloak server and request step-up authentication. Support in SAML adapters is not a priority right now.

https://github.com/keycloak/keycloak/issues/10155

This feature should also address the following use-cases as epics part of this feature.

• Add customized AuthnContextClassRef for SAML client (cf. KEYCLOAK-15205 ; GHI#11721 )
• Fill in saml2p:AuthnRequest section (cf. KEYCLOAK-5224 )
• Support setting AuthnContextClassRef in SAML response to SP (cf. KEYCLOAK-17788 )