local app with secure webmap: how to skip credentials panel?

858
4
09-13-2018 07:23 AM
MarcLEMAIRE
New Contributor III

Hello,

I have registered a local app (generated with Web AppBuilder) containing a secure webmap (shared with a group).

When I access this app directly from a web browser, the app show me the credentials panel. It's normal because the application doesn't know me.

But, when I 'm already connected to my ArcGIS Online account, and that I try to launch this app just by clicking on the app item , I have to enter my credentials again!!! How can I skip this second credentials panel?

Actually, I just want to have the same behaviour for my local webapp as for an hosted webapp: Once, I'm connected, I don't need to give anymore my credentials.

I've tried the arcgis proxy solution but then, credentials are never asked, even if I'm an anonymous user!!! It's not what I want.

Does anybody know a solution?

Marc

Tags (2)
0 Kudos
4 Replies
JohnGrayson
Esri Regular Contributor

I could be wrong, but it's my understanding that credentials are based on the originating domain.  I think you're not "already connected to my ArcGIS Online account" when running your local app as it doesn't originate from the same domain as the app that generated those credentials (such as arcgis.com).  What I normally do in this use case is to use just the base domain when registering app items, so once I've provided my credentials to one of my apps originating from that domain, then the credentials will be used for other apps originating from the same domain.

MarcLEMAIRE
New Contributor III

Thanks for your reply John,

To be clear, here is the workflow of my organization's users:

They authenticate themselves to the AGOL organization then they click on the links to the applications they need for their respective jobs.

They don't know if an app is locally hosted or on AGOL hosted.

If an app is on AGOL hosted, the app opens normally.

If an app is locally hosted, the app asks to authenticate themselves again.

...I don't want this double behaviour.

I've also tried to just add a base domain to the registration information as you wrote, but It doesn't work better. I still have to give my credentials, and that everytime I try to open the application.

Maybe could you give me an example of your parameters?

0 Kudos
JohnGrayson
Esri Regular Contributor

Marc, what you describe is the correct behavior; the credentials for apps hosted on arcgis.com can't be used for apps hosted on your own domain.  If using OAuth to authenticate, we always make sure to call IdentitiyManager.registerOAuthInfos(...)  with the appropriate appid, and then depending on what we need to do we sometimes use a combination of IdentityManager.checkSignInStatus(...) and/or the 'authMode' Portal constructor parameter to help with the sign-in process.  Something similar to this:

IdentityManager.checkSignInStatus(portalUrl).then(()=>{
  /*...do other things here...*/
  const myPortal = new Portal({url:portalUrl,authMode:"immediate"});
  myPortal.load().then(()=>{
   console.info(myPortal.user, myPortal);
   /*...do other things here...*/
  });
});‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

I hope this helps.

Jianxia
Esri Regular Contributor

Marc, 

By default, Identity manage is triggered when the item is not shared publicly in the app created by Developer Edition. However, you can improve the experience by registering your hosted app in the org to use the OAuth. In this way, if you already sign in ArcGIS Online, the hosted app would pop up the OAuth for approval only, no need to fill in the credentials. Hope this helps.

Jianxia