Multiple SAML logins within both ArcGIS Enterprise and AGOL environments

08-03-2025 09:55 PM
Status: Open
MichelleAlley
Emerging Contributor

We administer both ArcGIS Enterprise (11.4) and ArcGIS Online environments, supporting hundreds of users from federal, state, and local government agencies.

Currently, we're facing challenges due to the use of different authentication services. Our setup utilises SAML authentication tied to the federal agency’s identity provider, which leaves state and local agencies reliant on built-in ArcGIS accounts.

This reliance on built-in accounts has led to considerable administrative overhead, particularly when enforcing multi-factor authentication (MFA), which requires disabling and re-enabling accounts. Additionally, there's an ongoing security concern: when users depart their agencies, we aren’t consistently notified, leading to accounts remaining active and unauthorized access lingering.

We’re curious to know if others have encountered similar issues, and whether any alternative workflows have helped streamline identity management in comparable multi-agency environments.

1 Comment
SimonSchütte_ct

I know some people utilising Keycloak as a unified login page.

When a user attempts to log in, they hit Keycloak’s login page. Keycloak routes them to their respective agency IdP, based on a login hint, email domain, or user selection. Once authenticated upstream, Keycloak asserts the user’s identity to ArcGIS.
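
The routing decision described in the comment above, as an added sketch that is not part of the comment and is not Keycloak's own code: the domain table, IdP aliases, function names and the hint, then domain, then selection precedence are all assumptions. Domains are matched exactly, and anything unrecognised falls back to the agency chooser rather than to a default IdP.

```python
from typing import Optional

# Constructed sample data: verified agency email domains mapped to
# hypothetical upstream IdP aliases configured in the broker.
DOMAIN_TO_IDP = {
    "fed.example.gov": "federal-saml",
    "state.example.gov": "state-saml",
    "city.example.org": "city-oidc",
}
KNOWN_IDPS = set(DOMAIN_TO_IDP.values())


def email_domain(email: str) -> Optional[str]:
    """Return the lower-cased domain, or None if the address is malformed."""
    email = email.strip()
    local, sep, domain = email.rpartition("@")
    if not sep or not local or not domain or "@" in local:
        return None
    if any(ch.isspace() for ch in email):
        return None
    return domain.rstrip(".").lower()


def route_login(login_hint: Optional[str] = None,
                email: Optional[str] = None,
                selection: Optional[str] = None) -> Optional[str]:
    """Pick the upstream IdP alias; None means "show the agency chooser".

    Routing only decides where the user is sent to authenticate. The
    upstream IdP still has to authenticate them, so a wrong or forged
    hint cannot by itself establish an identity.
    """
    # 1. An explicit hint is honoured only if it names a configured IdP.
    if login_hint in KNOWN_IDPS:
        return login_hint
    # 2. Email domain: exact match only. Suffix or substring matching
    #    would also route lookalike domains to an agency IdP.
    if email:
        domain = email_domain(email)
        if domain in DOMAIN_TO_IDP:
            return DOMAIN_TO_IDP[domain]
    # 3. Manual selection, again restricted to configured IdPs.
    if selection in KNOWN_IDPS:
        return selection
    # Unknown agency: no default IdP and no built-in account fallback.
    return None
```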