We’re currently working with an ArcGIS Enterprise Server that is integrated with Azure Active Directory (Azure AD) for authentication. Alongside this, we’ve developed a custom dashboard application that is also integrated with the same Azure AD setup for user authentication.
Here’s the scenario:
* A user logs into our custom dashboard using Azure AD credentials.
* After successful authentication, we want to allow the dashboard to access secured feature layers hosted on ArcGIS Enterprise Server.
* These feature layers are protected and require authentication, which is already handled via Azure AD in both systems.
Question:
How can we leverage the existing Azure AD authentication from the dashboard to access the secured feature layers on ArcGIS Enterprise Server without prompting the user to log in again or requiring separate credentials?
We’re looking for guidance on:
1. Whether token-based access is possible using Azure AD tokens.
2. How to configure ArcGIS Enterprise to accept tokens issued by Azure AD.
3. Any best practices or examples for implementing seamless SSO between a custom app and ArcGIS Enterprise.
Hi @SuhasGadhave1,
Here are the steps I would recommend:
1. Remove the Azure AD authentication from the custom dashboard
2. Allow automatic account creation for SAML logins
3. Enable SAML-based group membership within Enterprise
4. Create a SAML-based group in Enterprise
5. Share the secure services to this Group
When a user accesses the Dashboard, they will be prompted for credentials to access the secure services. If they do not have an account, their account will be created automatically in Enterprise. If their Azure AD account is part of the SAML-based group the services are shared to, they will have access to the Dashboard.