ArcGIS Security
Overview
There are multiple ways of implementing security within ArcGIS Server. The biggest defining factor is whether ArcGIS Server is a standalone server or if it is federated with Portal for ArcGIS. Federating ArcGIS Server with Portal is the most common and recommended method of using ArcGIS server in an enterprise-level environment.
Federated Configurations
Federating an ArcGIS Server site with your portal integrates the security and sharing models of your portal with one or more ArcGIS Server sites. Federation is optional unless you want to do the following:
- Configure your site with a Security Assertion Markup Language (SAML) identity provider.
- Host tile layers, feature layers, and scene layers published by members of the portal.
- Allow members of the portal to perform spatial analysis in Map Viewer.
When you add a server to your portal as described in this topic, you are federating the server with the portal. A server that has been added to your portal is called a federated server.
More details and instructions on federating ArcGIS Server with Portal can be found in the ArcGIS documentation.
Token creation with credentials
When authenticating a user that is a stored within Portal (not Active Directory or another Identity Provider) a token can be generated for that user through the Portal "generateToken" endpoint (ex: https://portal.tsstools.com/portal/sharing/rest/generateToken).
Generate token workflow:
Token creation using implicit flow
TODO: Add content - @russell.green
Token creation using authorization code
TODO: Add content - @russell.green
Standalone (Not Federated)
TODO: Add content - @russell.green