SAML log-ins to Portal for ArcGIS fail when Oracle Access Manager version 12c ( is the SAML Identity Provider.

Last Published: April 25, 2020

Error Message

When Oracle Access Manager (OAM) is used as the SAML Identity Provider (IDP), log-ins to Portal for ArcGIS fail with the error message:

"Unable to login using Idp. Unable to validate SAML response".

This occurs with OAM version and all versions of Portal for ArcGIS.


The digest value in the SAML assertion response received from OAM 12c contains an unexpected new line character. This is due to a known bug in Oracle Access Manager: #27032742 IDCS ADDS A NEW-LINE CHARACTER AT THE END OF `DIGESTVALUE'.

Solution or Workaround

Install the latest OAM patch from Oracle that includes the fix for bug 27032742 , for example: Patch “29825297 Oracle Web Service Manager BUNDLE PATCH ”.  Please note that an Oracle Support Subscription is required to access these links.

Article ID:000022094

Receive notifications and find solutions for new or common issues

Get summarized answers and video solutions from our new AI chatbot.

Download the Esri Support App

Discover more on this topic

Get help from ArcGIS experts

Contact technical support

Download the Esri Support App

Go to download options