ArcGIS Blog

ArcGIS Online has renewed its SAML signing and encryption certificates

ArcGIS Online has renewed its SAML signing and encryption certificates.

Users who have enabled the advanced SAML options ‘Enable Signed Requests’ and/or ‘Encrypt Assertion’ will need to obtain the new ArcGIS Online Service Provider metadata file and associate it with their Identity Provider before November 14, 2018.

Customers using these advanced SAML options who do not upload the updated ArcGIS Online metadata file containing the new certificate before this date will receive an IDP specific error when they attempt to sign into ArcGIS Online with an Enterprise account.

To obtain the updated metadata file:

  1. Login to www.arcgis.com with your administrative credentials
  2. Click on “Organization” then “Settings” then “Security”
  3. Scroll down to “Enterprise Logins” then click the “Get Service Provider” button. This action will download the metadata needed for your IDP.

Esri Support Services has provided a technical article here which describes this issue in detail:

ArcGIS Online SAML Authentication signing and encryption certificate renewal

About

I'm a member of the Software Security and Privacy Team. I also help out with Esri's Product Security Incident Response Team. I've been with Esri almost 11 years now. Before joining the Software Security and Privacy Team, I was a senior technical lead in Esri Support Services, focusing on deploying, securing, and using ArcGIS Enterprise technology.

Next Article

Utility Network Trace Widget Preview

Read this article