Error: SAML log-ins to Portal for ArcGIS fail when Oracle Access Manager version 12c (18.104.22.168.0) is the SAML Identity Provider.
When Oracle Access Manager (OAM) is used as the SAML Identity Provider (IDP), log-ins to Portal for ArcGIS fail with the error message:
"Unable to login using Idp. Unable to validate SAML response".
This occurs with OAM version 22.214.171.124.0 and all versions of Portal for ArcGIS.
The digest value in the SAML assertion response received from OAM 12c contains an unexpected new line character. This is due to a known bug in Oracle Access Manager: #27032742 IDCS ADDS A NEW-LINE CHARACTER AT THE END OF `DIGESTVALUE'.
Solution or Workaround
Install the latest OAM patch from Oracle that includes the fix for bug 27032742 , for example: Patch “29825297 Oracle Web Service Manager BUNDLE PATCH 126.96.36.199.0 ”. Please note that an Oracle Support Subscription is required to access these links.