I create a WebMap in Portal for ArcGIS. I add a secure service hosted on our ArcGIS Online site to the WebMap. I save and share the WebMap with another user in the organisation, who also has access to the secure service hosted on ArcGIS Online.
The user logs in to Portal and opens the WebMap. They are prompted to enter an ArcGIS username and password to access the secure hosted service. The user does not have a username and password to enter as their ArcGIS Online authentication is federated with the organisation's Identity Provider.
Please allow the user to authenticate here with the enterprise IDP.
I could save the credentials with an item in Portal, but I don't want to as this means I have to replicate all groups in both AGOL and Portal. Collaboration is not a possibility for us.