I am experiencing this error after authenticating with Azure:
“Unable to login using Idp. IDP supports Encrypted SAML Assertion, but send unencrypted Assertion”
I've tested the SSO from the IDP and it registers success. However, SAML trace shows the same error from the user side.
I've verified the x.509 cert in the SAML trace matches the cert in Azure. The cert expires in 2024.
Any help would be much appreciated.
I would check your Enterprise login settings. When I've seen this before "Encypted Assertion" was enabled and it wasn't required. It was resolved by disabling "Encrypted Assertion" within ArcGIS Online > Organization > Settings > Security > Edit SAML Login > Advanced Settings
Hope this helps
on our Enterprise 10.8.1 Test Environment this was enabled and works fine, after the upgrade to 10.9.1 I had the same error, disabling "Encypted Assertion" works thank you.
Still strange there was no issue on the old version (there were Windows server updates as well before I had tested the SAML login, so perhaps it isn't because of the GIS upgrade)
I'm gone try if it will work with a new adfs construction