Set the proxy count to limit the number of proxy layers between the service provider and the authenticating identity provider. Each layer consists of a proxy identity provider.
SAML 2 uses a proxy count to limit how far up and down a chain of providers authentication requests and responses can go. A provider can include a proxy count in the request or response. In the SAP solution, if the message does not include a proxy count, the identity provider inserts the proxy count restriction from the service provider settings for authentication requests. Every provider the message passes through reduces the count by 1 until either the message is resolved or the count reaches 0. A provider that receives a message with a proxy count of 0 rejects the message.