Bug: First and last name values are not saved to the user profile when logging in with a SAML enterprise account
When logging in to ArcGIS Online or ArcGIS Enterprise 10.6.1 or earlier using a Security Assertion Markup Language (SAML) enterprise account, the user's first and last name values are not saved to the user's profile. The SAML assertion response sent from the Identity Provider contains the user's first and last name values in the 'givenname' and 'surname' attributes. However, only the user's first name is set, while the last name remains empty.
This is a known issue (BUG-000097243).
To set a user's first and last names, configure the Identity Provider (IDP) to send the value of the user's display name (first name followed by last name) in the 'givenname' attribute.
The SAML assertion response sent by the IDP contains the 'givenname' attribute, as shown below:
<Attribute Name="givenname"> <AttributeValue>FirstName LastName</AttributeValue> </Attribute>
For instructions on configuring the attributes returned in the SAML assertion response, refer to your IDP documentation.
- Esri Support - BUG-000097243
- ArcGIS Online - Configure Active Directory Federation Services
- ArcGIS Online - Configure Shibboleth
- Portal for ArcGIS - Configure Active Directory Federation Services
- Portal for ArcGIS - Configure Shibboleth