When logging into a PAM Server with PKI/PIV enabled - the PAM Client doesn't load the PKI/PIV Certificates to choose -> therefore no one can use this integration.
Starting with MacOS Catalina and higher, you no longer have to use 3rd party software enabler like PKcard, CSSI, OpenSC or CACKey.
MacOS now uses -> com.apple.CryptoTokenKit.pivtoken which enables PKI/PIV cards out of the box.
Therefore if you use one of these enablers, you must uninstall per:
https://militarycac.com/macuninstall.htm
Release : 3.4.x
Component : PRIVILEGED ACCESS MANAGEMENT
In PAM 3.4.5 - we updated our PAM Client (jxplorer) which includes support for the integration with apple's com.apple.CryptoTokenKit.pivtoken PKI/PIV card reader.