I'm curious if we configure our ArcGIS Online and ArcGIS Enterprise environment with the same SAML identity provider, if users can seamlessly access content stored in each environment without having to login separately.
For example, a user logs into ArcGIS Online, and opens a map that point to an ArcGIS Enterprise REST endpoint (an endpoint that is restricted via a Federated Portal) that the same user has access to in Enterprise, would that user have to _also_ login to Enterprise, or would AGOL pass the SAML identity token to Enterprise seamlessly?
Solved! Go to Solution.
You can use the same SAML identity provider for both Enterprise and ArcGIS Online.
I don't think it will work the same as your example, I believe the user would have to login to both AGOL and ArcGIS Enterprise within the same browser session (two clicks) and then your example would be seamless for the user.
You can use the same SAML identity provider for both Enterprise and ArcGIS Online.
I don't think it will work the same as your example, I believe the user would have to login to both AGOL and ArcGIS Enterprise within the same browser session (two clicks) and then your example would be seamless for the user.