When logging into a PAM Server with PKI/PIV enabled - the PAM Client doesn't load the PKI/PIV Certificates to choose -> therefore no one can use this integration.
Release : 3.4.x
Component : PRIVILEGED ACCESS MANAGEMENT
Starting with MacOS Catalina and higher, you no longer have to use 3rd party software enabler like PKcard, CSSI, OpenSC or CACKey.
MacOS now uses -> com.apple.CryptoTokenKit.pivtoken which enables PKI/PIV cards out of the box.
Therefore if you use one of these enablers, you must uninstall per:
https://militarycac.com/macuninstall.htm
In PAM 3.4.5 - we updated our PAM Client (jxplorer) which includes support for the integration with apple's com.apple.CryptoTokenKit.pivtoken PKI/PIV card reader.