adminError “invalid SAML Assertion 13” could mean your Cisco WebEx AuthnContextClassRef (authentication context class reference) doesn’t match your SAML assertion (ADFS response)
Windows integrated authentication (ADFS)
urn:federation:authentication:windows
Password Protected Transport (ADFS Proxy)
urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport
If you have both ADFS and ADFS proxy servers you can enter both authentication context classes in the WebEx Federated Web SSO Configuration AuthnContextClassRef field separated by a semicolon.
urn:federation:authentication:windows;urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport