Community

Map Viewer template and authentication

605
2
12-16-2022 03:12 PM
KevinCheriyan
by
Occasional Contributor
‎12-16-2022 03:12 PM

I have a custom application in AppStudio that uses the MapViewer template to display a secured webmap retrieved from the client's Enterprise portal.

I want the user to start my map viewer template application and be able to view the map and layers without logging in. Instead, I have a portal token that is generated elsewhere in my custom application that I would like to authenticate the user with.

But in my research, I've not found a way to authenticate with anything but oAuth. Here's how far I got:

In SignInPage.qml (located in views directory), there is the authenticationChallenge signal that gets called from AuthenticationController.qml (located in views/Controller directory). The challenge parameter that gets passed in (AuthenticationChallenge) has a Enums.AuthenticationChallengeType value of Enums.AuthenticationChallengeTypeOAuth

The specific question that I have is this:

Is there any way to trigger this authentication challenge with a different challenge type than OAuth? Like Enums.AuthenticationChallengeTypeUsernamePassword ? Perhaps, I could start with authenticating using username/password and then move on to portal token authentication.

TLDR: I want to authenticate a secured map from Portal in MapViewer without requiring my users to log in. I would like to authenticate using pre-generated portal token instead of authenticating on the spot with OAuth which requires the user to log in.


--------------------------------------------------
Application Developer, GeoMarvel
0 Kudos
2 Replies
TrevorFrame
by Esri Contributor
Esri Contributor
‎12-20-2022 08:37 AM

Hi @KevinCheriyan,

I think the sample, OAuth Biometric Authentication, has what you're looking for. The user workflow is if it is the first time logging into the app, the user sees the Portal OAuth username/password screen and logs in. Returning to the app, the user can skip entering username and password. The way this works is the oAuth refresh token and token service url are stored in SecureStorage and used when loading the app the following times. 

This sample will also use biometric authentication for returning sign in as added security. 

Best,

Trevor

KevinCheriyan
by
Occasional Contributor
‎02-17-2023 02:37 PM

Thanks for the response, @TrevorFrame . We were looking for a solution that would let the user bypass the OAuth login screen by supplying the application with portal token from the code. In our case, we didn't want the user to see the login screen even once. To solve this problem, we ended up creating our own MapViewer template application from scratch that customized Authentication to exactly what we needed. Appreciate the AppStudio team and all the great work that you guys do! 👏


--------------------------------------------------
Application Developer, GeoMarvel