Hi
Has anyone else had issues signing out of Field Maps with SAML authentication enabled in ArcGIS Enterprise? I can sign in and sign out but then if I tap 'sign in' again I am logged straight back in without being prompted for my credentials. Essentially we cannot switch users.
We have just installed ArcGIS Enterprise 11.0 and set up SAML authentication. FieldMaps on Android is not letting users sign out unless we clear the cookies from the browser. We are using Android 11 and FieldMaps 23.1.1. It works on iOS devices.
@ColinLawrence - Have you come across this before? It would be useful to know if it is a bug or a issue with our system set up.
Thank you
Hello @ColinLawrence
Can you provide an update on this and reply to @AnthonyJonesRSK?
Our field users are understandably frustrated. What is ESRI's plan to address this bug? When will it be fixed? Will FieldMaps be developed to support android shared device mode?
Is there anyone else we can contract to gain support for this? I have had the same response as Anthony from ESRI UK support.
Thank you
Our organization is also concerned about the security issue posed here. If ESRI is not escalating this further and addressing the bug, it's worth looking to local GDPR/FedRAMP regulations and reporting if in violation.
That's very helpful thank you. I will ask ESRI UK support to do as you suggest.
It would be useful if the FieldMaps /Collector documentation included this bug as it is business critical if you depend on editor tracking and use shared devices.
I was running into similar problems...So if I am understanding correctly, for a survey with multiple users, each user is going to constantly have to clear their browser cache on their device? I'm hoping that I am very wrong. Any update on this?
Yes users have to clear the browser history. I logged a support call with ESRI UK and they have given me a bug reference. There is no update on whether or not it will be fixed. If you log a support call it may add some weighting to the issue.
BUG-000144885: When working with the user's own identity provider (IDP) in the ArcGIS Field Maps mobile app, SAML logins are cached, preventing a new user from logging in when a previous user logs out.
BUG-000144885 for ArcGIS Field Maps (esri.com)
The workaround for it is currently the following steps:
This workaround is only possible if there is a browsing history to clear.
We have also blocked access to Office365 apps on shared devices until this is rectified which far from ideal.
Thank you so much for the quick answer
Hopefully I can provide some context as understandably there are frustrations around this issue. I am by no means an authentication expert so please excuse if I misspeak slightly. Ultimately, this comes down to an issues with the Browser's (Chrome or chromium) caching behavior. Chrome does not by default allow private sessions when authenticating, and therefore the application will use existing cookies in the sign in process. When signing out of the app, we tear down the applications state but cannot tear down the browser cookie. We are investigating a workaround to allow users to authenticate regardless of browser state which should alleviate this problem.
Have you got anywhere with a fix for this issue across all ESRI apps? FieldMaps, QuickCapture & Survey123.
Thank you