When Oracle Access Manager (OAM) is used as the SAML Identity Provider (IDP), log-ins to Portal for ArcGIS fail with the error message:
"Unable to login using Idp. Unable to validate SAML response".
This occurs with OAM version 126.96.36.199.0 and all versions of Portal for ArcGIS.
The digest value in the SAML assertion response received from OAM 12c contains an unexpected new line character. This is due to a known bug in Oracle Access Manager: #27032742 IDCS ADDS A NEW-LINE CHARACTER AT THE END OF `DIGESTVALUE'.
Install the latest OAM patch from Oracle that includes the fix for bug 27032742 , for example: Patch “29825297 Oracle Web Service Manager BUNDLE PATCH 188.8.131.52.0 ”. Please note that an Oracle Support Subscription is required to access these links.