Support non-interactive login of AD users with OpenID connect

LorenzMeyer1

With ArcGIS Enterprise 10.9 it is possible to configure your ArcGIS Portal to use OpenID Connect for login. Unfortunately the Python API for ArcGIS does not fully support this for an "non interative way" (browser opens for identification). For automation purposes it should be possible to use AD users to login without interaction.

The current solution proposed from Esri is to use builtin users for this kind of automation.

AndrewChapkowski · ‎07-26-2023

Implementing a non-interactive way of doing SAML login defeats the whole purpose of SAML authentication. Please talk to your IT department about alternative methods of logging in.

You can currently use ArcGIS Notebooks with GIS("home") or ArcGIS Pro login to script with SAML GIS("pro").

Subu_Swaminathan_GISP · ‎07-26-2023

Not sure the original poster question that many of us have was addressed. They asked for a non-interactive way to use AD users with Python API.

Most IT depts these days either require the use of purposed least privilege AD user accounts or gMSA AD accounts to run scripts/tasks on schedule. so why cannot the Python API accommodate such accounts in the script itself to connect to an AGOL or a Portal?