Problem: Unable to generate tokens using ArcGIS Enterprise SAML-authenticated accounts
Description
Configuring a Security Assertion Markup Language (SAML) identity provider with ArcGIS Enterprise allows users to log in to the organization using the credentials set up in an identity store without creating additional logins. However, when using a SAML login in ArcGIS Enterprise, users are unable to generate access tokens to provide temporary authorization for system access.
Cause
This issue is by design. It is not possible to allow token-based security with SAML-authenticated accounts without undermining the security provided by the SAML identity provider.
Solution or Workaround
In ArcGIS Enterprise, configure and use OAuth 2.0 to generate temporary access tokens with a SAML-authenticated account. Refer to Mapping APIs and location services: OAuth 2.0 for more information.
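The OAuth 2.0 authorization-code exchange against the portal's `/sharing/rest/oauth2/authorize` and `/sharing/rest/oauth2/token` endpoints, as an added example that is not Esri's code or part of the original article. It assumes an application is already registered in the portal; the portal URL, client ID and redirect URI are supplied by the caller, and the `state` parameter is the standard OAuth 2.0 anti-CSRF value, assumed to be echoed back by your portal version.

```python
import json
import secrets
from urllib.parse import urlencode, urlparse, parse_qs
from urllib.request import Request

# Assumption: the app is registered in the portal; URLs and IDs come from the caller.


def build_authorize_url(portal, client_id, redirect_uri, expiration_minutes=60):
    """Return (url, state). The user signs in at this URL through the SAML IdP."""
    state = secrets.token_urlsafe(16)  # anti-CSRF value, checked on the callback
    query = urlencode({
        "client_id": client_id,
        "response_type": "code",
        "redirect_uri": redirect_uri,
        "expiration": expiration_minutes,  # requested token lifetime, in minutes
        "state": state,
    })
    return f"{portal}/sharing/rest/oauth2/authorize?{query}", state


def code_from_callback(callback_url, expected_state):
    """Extract the authorization code, rejecting a missing or mismatched state."""
    params = parse_qs(urlparse(callback_url).query)
    returned = params.get("state", [""])[0]
    if not secrets.compare_digest(returned.encode(), expected_state.encode()):
        raise ValueError("state mismatch: callback was not initiated by this session")
    if "code" not in params:
        raise ValueError(params.get("error_description", ["no code returned"])[0])
    return params["code"][0]


def build_token_request(portal, client_id, redirect_uri, code):
    """Build (not send) the POST that exchanges the code for an access token."""
    body = urlencode({
        "client_id": client_id,
        "grant_type": "authorization_code",
        "redirect_uri": redirect_uri,
        "code": code,
    }).encode()
    return Request(f"{portal}/sharing/rest/oauth2/token", data=body, method="POST")


def parse_token_response(raw):
    """ArcGIS REST can report failures as JSON with HTTP 200, so check the body."""
    data = json.loads(raw)
    if "error" in data:
        raise PermissionError(data["error"].get("message", "token request failed"))
    return data["access_token"], int(data["expires_in"])
```

Send the request from `build_token_request` with `urllib.request.urlopen` over TLS and pass the response body to `parse_token_response`; the password never reaches the client application, because the user authenticates at the identity provider.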
Related Information
- ArcGIS REST APIs: /generateToken: Generate Token
- ArcGIS API for Python: Working with different authentication schemes
- Portal for ArcGIS: Configure a SAML-compliant identity provider with a portal
- Esri Community: Unable to Generate Tokens using SAML enterprise accounts
Last Published: 1/24/2023
Article ID: 000029156
Software: ArcGIS Server 10.9.1, 10.9, 10.8.1, 10.8; Portal for ArcGIS 10.9.1, 10.9, 10.8.1, 10.8