Category: Security / Authentication / Identity Management
Current Limitation:
ArcGIS Enterprise currently supports only one SAML identity provider (IdP) and one OIDC identity provider configured at the same time at the organization level.
Use Case / Role & Context:
As an ArcGIS Enterprise administrator, I need to authenticate distinct user populations against different identity providers within the same organization — for example:
Because only one SAML and one OIDC IdP can be active at a time, organizations with multiple legitimate identity sources are currently forced to either consolidate incompatible user populations behind a single IdP, or deploy separate ArcGIS Enterprise organizations solely to work around this limitation — which significantly increases licensing, infrastructure, and administrative overhead.
Proposed Solution:
Allow ArcGIS Enterprise to register and operate multiple SAML and/or multiple OIDC identity providers simultaneously at the organization level, similar to capabilities already available in modern IAM/CIAM platforms (e.g., Azure AD B2C, Auth0, Keycloak, Okta).
Impact / Business Value:
Current Workaround:
None available other than deploying separate ArcGIS Enterprise organizations, which is costly and operationally complex.
I can't endorse/support this idea enough, any enterprise platform today needs to support multiple identity providers of the same type.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.