WebGISDR authentication options

SimonSchütte_ct

Please provide official implementation patterns for WebGISDR automated backups when enforcing MFA for all accounts and built-in portal admin and server admin accounts are deleted.

Possible options include registering webgisdr as app, providing an authentication token, utilising authentication methods for script based authentication for all supported IdP.

The goal is to have a hardened ArcGIS Enterprise system while still being able to run WebGISDR fully automated, even when MFA is enforced for all accounts.

Similar ideas:
ArcGIS Web Adaptor 2FA - Esri Community
Portal Email Support Microsoft Modern Authenticati... - Esri Community

RyanUthoff · ‎02-13-2026

Thank you for submitting this idea and linking my similar idea to it! I definitely agree that this idea is much needed.

As I said in the idea I submitted, Esri states in their ArcGIS Enterprise Hardening Guide that "using any administrator account without MFA is a high-risk configuration", yet the WebGISDR tool requires an administrator account which is not compatible with MFA. So the WebGISDR is essentially designed to go against security best practices.

On a side note, I attended a session at the UC last year where they stated they're essentially revamping the WebGISDR tool, so I'm really hoping that security best practices gets incorporated into it.

SimonSchütte_ct · ‎03-16-2026

Looks like this will be addressed by the WebGISDR successor in the upcoming releases.
It is planned to provide an admin API endpoint for backup and restore, so it will use existing authentication methods.
Source: Developer Summit 2026

Status: On Roadmap