Authenticating AGOL through SAML with Token using python

814
2
04-08-2019 02:59 PM
CoreyUnger
New Contributor II

I am trying to connect to my organizations AGOL account and retrieve a list of of objects. Our AGOL is authenticated using SAML. I have followed the steps here to create an application and used Postman to generate the python code required to create a token which I've made into a module called getToken.  When I try and search for AGOL content all I get is public content back. Which makes me think my token isn't working or getting passed in correctly to the GIS module? This is my code for my search:

from arcgis.gis import GIS
import  getToken
agolToken = getToken.getToken()
url = "https://myOrg.maps.arcgis.com/home"
item_types = [ "Web Map", "Web Mapping Application", "Map Service", "Feature Service" ]
gis = GIS(url, token =agolToken)
for itemtype in item_types:
   agol_items = gis.content.search(query="", sort_field="title", sort_order="asc", item_type=itemtype, max_items = 100000)
      for item in agol_items:
         print(item['title'],item['access'],item['type'])

As stated, this will only return public items. Is there a way I can be sure that my token is working? Is there something I am doing wrong? The token is coming in correctly from my getToken module. Even when I hardcode it in I still only get public content. 

Edit: 
I've tried passing in my client ID as suggested here. That brings up: 

Please sign in to your GIS and paste the code that is obtained below.
If a web browser does not automatically open, please navigate to the URL below yourself instead.
Opening web browser to navigate to: <URL>
Enter code obtained on signing in using SAML:

The page that comes up says Invalid redirect_uri Error: 400

0 Kudos
2 Replies
J_R_Matchett
New Contributor III

I was able to accomplish this for my organization's AGOL portal, but had to subclass and modify some methods of the GIS, Portal, and ArcGISConnection classes so they could handle an existing token. Here's the code. It's doing some other things like using the selenium package to automate SAML authentication, but focusing on how the tokens parameter and existing_tokens variable are being handled may give you some leads for your situation.

0 Kudos
AlexGilvarry1
New Contributor III

I also have this question

0 Kudos