We're running a Policy Server and we'd like to know why in a Federation
Partnership HTTP_POST the Session Store is required ?

Policy Server 12.8SP3 on RedHat 7

At first glance, the usage of the Session Store is for security
reason, which means it can work without, but it will leave a security
breach. This will allow to "verifies that the assertion is only used
one time" :

  HTTP-POST single use policy (SAML 2.0 and WS-Federation)

    The single use policy feature prevents assertions from being reused at
    the relying party to establish a second session. The relying party
    stores time-based data about the assertion, which is known as expiry
    data, in its session store. Expiry data verifies that the assertion is
    only used one time.

    A session store is required at the relying party, but a persistent
    session is not required.

  https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-identity-and-access-management/single-sign-on/12-8/configuring/partnership-federation/federation-features-requiring-the-session-store.html

So in the Session Store, the time-based data will be inserted and
verified to prevent the re-use of the same data.