Enterprise Login - No E-Mail or GivenName in User Profile

4041
2
03-09-2015 03:16 PM
RussCoffey1
New Contributor

We have set up enterprise login capability for ArcGIS Online using SAML, but the user's profile information is not being created correctly in AGOL.

The enterprise authentication and login works and will create accounts manually or automatically.

However, the GIVENNAME and EMAIL attributes in the SAML assertion are apparently ignored (maybe we have them formatted incorrectly...).

Viewing a User's profile shows the FirstName is populated with the NameID attribute, and no e-mail shows up on the user profile (even the "E-mail address" label is not there, which does show up for non-enterprise login users).

Any information will be appreciated.

Thank........j.russ

Here is the attribute portion of the SAML assertion (NameID is passed earlier in the assertion as "COFFEYJ" in this example, and comes across correctly):

     <saml2:AttributeStatement>

     <saml2:Attribute Name="FIRSTNAME">

     <saml2:AttributeValue>RUSS</saml2:AttributeValue>

     </saml2:Attribute>

     <saml2:Attribute Name="GIVENNAME">

     <saml2:AttributeValue>RUSS COFFEY</saml2:AttributeValue>

     </saml2:Attribute>

     <saml2:Attribute Name="EMAIL">

     <saml2:AttributeValue>russ.coffey@lvvwd.com</saml2:AttributeValue>

     </saml2:Attribute>

     <saml2:Attribute Name="LASTNAME">

     <saml2:AttributeValue>COFFEY</saml2:AttributeValue>

     </saml2:Attribute>

     </saml2:AttributeStatement>

Sample User Profile created from Enterprise Login:

Notice no place for an E-mail address:

0 Kudos
2 Replies
RussCoffey
New Contributor III

I confirmed with an ESRI rep that the E-mail address is not displaying in the user profile by design, since it is an Enterprise login account.  So, that is not a symptom.  However, the issue remains that I cannot send e-mail notifications to any Enterprise accounts.  I am still working with the ESRI rep, using SAML Tracer in Firefox to try to isolate whether or not the issue is in our configuration of the SAML assertion.

0 Kudos
LukeRogers
New Contributor III
0 Kudos