Python SAML login

401
6
Jump to solution
11-02-2020 02:41 PM
Rey_A_Santiago
New Contributor II

Our organization uses SAML for access into the organization’s AGOL site. We’ve tried using the recommended Python methods of logging in but none have worked. Can someone please point me to info on how to log into AGOL using SAML in a Python script?

Reply
0 Kudos
1 Solution

Accepted Solutions
simoxu
by MVP Regular Contributor
MVP Regular Contributor

As Stated in the help document Calvin mentioned:

"Non-Interactive Login Experience

The recommended suggestion for non-interactive login scripts is to use the built-in identity provider instead of SAML."

Our portal is using SAML for internal staff, but we can create built-in users when needed. With the built-in named user you can login by username and password.

Hope this information useful

View solution in original post

6 Replies
CalvinLietz
Esri Contributor

Hi Rey,

Is this the documentation you are looking at? Working with different authentication schemes | ArcGIS for Developers 

This has worked well for me in the past. Once you have obtained the App Id after registering a new application with ArcGIS Online, you can copy the ID and paste it in your Python script where you are making the GIS object.

import arcgis

from arcgis.gis import gis

gis=GIS("https://arcgis.com", client_id="myAppID")

After running this, a new window should open in your web browser prompting you to log in. Sign in using your enterprise logins, and then copy the OAuth2 approval code. Go back to your Python script, and paste the code in the prompt to finish initializing the GIS object.

You should only need one application code/client_id parameter for all users in your AD that want to sign into ArcGIS Online.

Does this work for you?

Calvin

Rey_A_Santiago
New Contributor II

Thanks Calvin! I will try this as soon as I can get back on the project. I will let you know the result.

Reply
0 Kudos
Rey_A_Santiago
New Contributor II

Calvin, thanks for your suggestion. However, we require a non-interactive login.

Reply
0 Kudos
Daniel-Miller
New Contributor

Any update on this? We are looking to switch to SAML authentication for our ArcGIS Enterprise setup, and wondering how we will be able to perform scripted background tasks. We currently have a number of scripted tasks that run as service accounts, for example adding portal items harvested from another location, or adding features to a hosted feature service from a data feed. Currently these scripts retrieve a token from the REST endpoint with a username and password. Will that still work when we switch across to SAML?

Reply
0 Kudos
simoxu
by MVP Regular Contributor
MVP Regular Contributor

As Stated in the help document Calvin mentioned:

"Non-Interactive Login Experience

The recommended suggestion for non-interactive login scripts is to use the built-in identity provider instead of SAML."

Our portal is using SAML for internal staff, but we can create built-in users when needed. With the built-in named user you can login by username and password.

Hope this information useful

View solution in original post

Daniel-Miller
New Contributor

Thanks simoxu.