Recently, a number of institutions are experiencing problem in using Single Sign On (SSO) to login to their ArcGIS Online org. The following explains the reason and action needed:
ArcGIS Online Organization administrators who have enabled the advanced SAML options ‘Enable Signed Requests’ and/or ‘Encrypt Assertion’ will need to obtain the new ArcGIS Online Service Provider metadata file and associate it with their Identity Provider before September 25, 2022.
Customers using these advanced SAML options who do not upload the updated ArcGIS Online metadata file containing the new certificate to their identity provider (eg. Azure Active Directory Enterprise Applications with Token Encryption) before this date will receive an IDP specific error when they attempt to sign into ArcGIS Online with an Enterprise account. The new ArcGIS Online SAML certificate will expire 9/27/2023.
The full story and step-by step instruction to obtain the updated metadata file can be found in this blog:
If you experience the same issue (broken SSO login to ArcGIS Online), please work with your IT team and apply the instructions written in the above blog.
In addition, we would like to suggest the following practices tips for ArcGIS Online Administrators,
If you need more assistance in troubleshooting the above issue, feel free to contact Esri Technical support.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.