Highlighted

iOS Apps Won’t Login (Hanging Login Screen)

New Here ,
Apr 26, 2020

Copy link to clipboard

Copied

All Adobe app (Creative Cloud, Photoshop, Premiere, and etc) will not allow me to login in on any mobile iOS devices. On Mac OS, Windows, and even the browser on my mobile devices will allow me to login via Enterprise. I have tried multiple apps on my iPad Pro 12.9 and iPhone XR but the same result. Usually there's an option on windows to click the enterprise sign on then it will take me to my districts portal to sign in from there or I just enter my email then it takes me in from there. On iOS this doesn't happen instead I get stuck at this screen (Screenshot in post) with no progress no matter what I do. And the only option is adobe sign in then to input my email nothing else. Also I know my login is correct because I went to the browser to login into CC and it worked.

I have uninstalled/reinstalled all the adobe apps multiple times along with make sure they have the lastest update. Signed out on other devices just to be sure but no success. Anything else I can do?

I'm writing this to inform you that If you are using Federated IDs and are using Adobe iOS mobile apps, check to see if your Single Sign On (SSO) server supports Apple’s App Transport Security (ATS) requirements. Update your servers to support ATS requirements before January 1, 2017 to sign in to Adobe iOS applications.
 
Background
In iOS9, Apple introduced a new security feature called App Transport Security (ATS). To be ATS compliant:
 
Server must support at least Transport Layer Security (TLS) 1.2
Connection ciphers must provide forward secrecy
Certificates must be signed with either an RSA key with a length of at least 2048 bits or an ECC key with a size of at least 256 bits 
 
 
Action Required
Verify that your Single Sign-On setup for Federated IDs is compliant with the requirements for ATS.
 
If your server is not compliant, update your servers to support the App Transport Security requirements before to continue your access to Adobe iOS applications using Federated IDs. If you're using a third-party Identity Provider service, contact your service provider with this information.
 
Testing ATS Connection Capability
Here are two ways to check if the server is compliant with ATS:
 
Method 1: Use SSL Labs' online utility
SSL labs (which has become the industry standard for measuring security of TLS configuration) has a check for ATS compliance. To verify compliance, do the following:
 
Go to https://www.ssllabs.com/ssltest/analyze.html
 
Enter the IDP Login URL used to configure Single Sign On. For more information see, Configure Single Sign-On.
 
Click Submit.
 
Once the results are ready, check Apple ATS 9 / iOS 9 option in the Handshake Simulation option. If it is green, it means that your server supports ATS requirements.
 
ATSgood
If your server does not support ATS requirements, then you will see a red error message similar to the error below:
 
ATSBad
Method 2: Use nscurl command from a Mac computer
If you are using Mac OS X 10.11 "El Capitan" or later, you can also use the nscurl command.
 
In the MAC Terminal, type:
 
nscurl --ats-diagnostics <url> 
 
If the url is ATS compatible, you will see:
 
mac
Updating your server
Please contact your Identity Provider (IdP) to update security settings on your SSO server to support TLS v1.2 and Forward Secrecy for continued use of Adobe iOS apps.

Topics

Enterprise, Identity and SSO, Troubleshooting

Views

545

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more

iOS Apps Won’t Login (Hanging Login Screen)

New Here ,
Apr 26, 2020

Copy link to clipboard

Copied

All Adobe app (Creative Cloud, Photoshop, Premiere, and etc) will not allow me to login in on any mobile iOS devices. On Mac OS, Windows, and even the browser on my mobile devices will allow me to login via Enterprise. I have tried multiple apps on my iPad Pro 12.9 and iPhone XR but the same result. Usually there's an option on windows to click the enterprise sign on then it will take me to my districts portal to sign in from there or I just enter my email then it takes me in from there. On iOS this doesn't happen instead I get stuck at this screen (Screenshot in post) with no progress no matter what I do. And the only option is adobe sign in then to input my email nothing else. Also I know my login is correct because I went to the browser to login into CC and it worked.

I have uninstalled/reinstalled all the adobe apps multiple times along with make sure they have the lastest update. Signed out on other devices just to be sure but no success. Anything else I can do?

I'm writing this to inform you that If you are using Federated IDs and are using Adobe iOS mobile apps, check to see if your Single Sign On (SSO) server supports Apple’s App Transport Security (ATS) requirements. Update your servers to support ATS requirements before January 1, 2017 to sign in to Adobe iOS applications.
 
Background
In iOS9, Apple introduced a new security feature called App Transport Security (ATS). To be ATS compliant:
 
Server must support at least Transport Layer Security (TLS) 1.2
Connection ciphers must provide forward secrecy
Certificates must be signed with either an RSA key with a length of at least 2048 bits or an ECC key with a size of at least 256 bits 
 
 
Action Required
Verify that your Single Sign-On setup for Federated IDs is compliant with the requirements for ATS.
 
If your server is not compliant, update your servers to support the App Transport Security requirements before to continue your access to Adobe iOS applications using Federated IDs. If you're using a third-party Identity Provider service, contact your service provider with this information.
 
Testing ATS Connection Capability
Here are two ways to check if the server is compliant with ATS:
 
Method 1: Use SSL Labs' online utility
SSL labs (which has become the industry standard for measuring security of TLS configuration) has a check for ATS compliance. To verify compliance, do the following:
 
Go to https://www.ssllabs.com/ssltest/analyze.html
 
Enter the IDP Login URL used to configure Single Sign On. For more information see, Configure Single Sign-On.
 
Click Submit.
 
Once the results are ready, check Apple ATS 9 / iOS 9 option in the Handshake Simulation option. If it is green, it means that your server supports ATS requirements.
 
ATSgood
If your server does not support ATS requirements, then you will see a red error message similar to the error below:
 
ATSBad
Method 2: Use nscurl command from a Mac computer
If you are using Mac OS X 10.11 "El Capitan" or later, you can also use the nscurl command.
 
In the MAC Terminal, type:
 
nscurl --ats-diagnostics <url> 
 
If the url is ATS compatible, you will see:
 
mac
Updating your server
Please contact your Identity Provider (IdP) to update security settings on your SSO server to support TLS v1.2 and Forward Secrecy for continued use of Adobe iOS apps.

Topics

Enterprise, Identity and SSO, Troubleshooting

Views

546

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Adobe Employee ,
Apr 27, 2020

Copy link to clipboard

Copied

I'm writing this to inform you that If you are using Federated IDs and are using Adobe iOS mobile apps, check to see if your Single Sign On (SSO) server supports Apple’s App Transport Security (ATS) requirements. Update your servers to support ATS requirements before January 1, 2017 to sign in to Adobe iOS applications.
 
Background
In iOS9, Apple introduced a new security feature called App Transport Security (ATS). To be ATS compliant:
 
Server must support at least Transport Layer Security (TLS) 1.2
Connection ciphers must provide forward secrecy
Certificates must be signed with either an RSA key with a length of at least 2048 bits or an ECC key with a size of at least 256 bits 
 
 
Action Required
Verify that your Single Sign-On setup for Federated IDs is compliant with the requirements for ATS.
 
If your server is not compliant, update your servers to support the App Transport Security requirements before to continue your access to Adobe iOS applications using Federated IDs. If you're using a third-party Identity Provider service, contact your service provider with this information.
 
Testing ATS Connection Capability
Here are two ways to check if the server is compliant with ATS:
 
Method 1: Use SSL Labs' online utility
SSL labs (which has become the industry standard for measuring security of TLS configuration) has a check for ATS compliance. To verify compliance, do the following:
 
Go to https://www.ssllabs.com/ssltest/analyze.html
 
Enter the IDP Login URL used to configure Single Sign On. For more information see, Configure Single Sign-On.
 
Click Submit.
 
Once the results are ready, check Apple ATS 9 / iOS 9 option in the Handshake Simulation option. If it is green, it means that your server supports ATS requirements.
 
ATSgood
If your server does not support ATS requirements, then you will see a red error message similar to the error below:
 
ATSBad
Method 2: Use nscurl command from a Mac computer
If you are using Mac OS X 10.11 "El Capitan" or later, you can also use the nscurl command.
 
In the MAC Terminal, type:
 
nscurl --ats-diagnostics <url> 
 
If the url is ATS compatible, you will see:
 
mac
Updating your server
Please contact your Identity Provider (IdP) to update security settings on your SSO server to support TLS v1.2 and Forward Secrecy for continued use of Adobe iOS apps.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...