ArcGIS Online SAML Authentication signing and encryption certificate renewal (2023)

Last Published: September 12, 2023


ArcGIS Online's SAML signing and encryption certificate is expiring on September 27th, 2023.  It is necessary to take action to ensure that your organization can continue to use your Enterprise Identity Provider (IDP). This certificate is required when an organization has enabled signed requests or encrypted assertions. SAML enterprise logins that use the old certificate for signed requests or encrypted assertions continue to work until September 26th, 2023.

If the ArcGIS Online metadata file (that contains the new signing certificate), was not uploaded into the Identity Provider (IDP) before September 27th, 2023, and the 'Enable Signed Request' option is enabled, an error will occur when organization members sign in to ArcGIS Online with an Enterprise SAML account. This error is an IDP-specific message displayed in place of the IDP sign-in page.


To enable your IDP to discover the new certificates, you must re-register ArcGIS Online as your trusted services provider. This process will vary slightly depending on the SAML identity provider. Review the following documentation for more details:

If you have any questions, please contact Esri Technical Support.

Article ID:000022078

  • ArcGIS Online

Receive notifications and find solutions for new or common issues

Get summarized answers and video solutions from our new AI chatbot.

Download the Esri Support App

Related Information

Discover more on this topic

Get help from ArcGIS experts

Contact technical support

Download the Esri Support App

Go to download options