This situation has been reported on a base 9.2 gateway install.
Please make sure you have the latest 9.2 CR installed and have also
installed and are using the corresponding policy manager version from that CR.
You will then be able to add the 'Authenticate Against CA Single Sign-On' assertion
into a policy successfully.