Select to view content in your preferred language

Authenticate ArcGIS Portal SSO

809
0
07-27-2021 03:26 PM
JerryStafurik2
New Contributor

Hi,

I'm working on some REST services in .Net Core that authenticate against ArcGIS Portal using the 'AspNet.Security.OAuth.ArcGIS' library.

            services.AddAuthentication(options =>
                {
                    options.DefaultAuthenticateScheme = CookieAuthenticationDefaults.AuthenticationScheme;
                    options.DefaultSignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
                    options.DefaultChallengeScheme = ArcGISAuthenticationDefaults.AuthenticationScheme;
                })
                .AddCookie(options =>
                {
                    options.Cookie.SameSite = SameSiteMode.Lax;
                    options.Cookie.SecurePolicy = CookieSecurePolicy.None;
                })
                .AddArcGIS(options =>
                {
                    options.ClientId = Configuration["Application:OAuth:ClientId"];
                    options.ClientSecret = Configuration["Application:OAuth:ClientSecret"];
                    options.AuthorizationEndpoint = Configuration["Application:OAuth:AuthorizationEndpoint"];
                    options.TokenEndpoint = Configuration["Application:OAuth:TokenEndpoint"];
                    options.UserInformationEndpoint = Configuration["Application:OAuth:UserInformationEndpoint"];
                });

 

Standalone this authentication works fine -- the user gets redirected to the ArcGIS Portal login page and after logging in, redirected back the original resource.  However, the services will be used within a map, where REST calls are used.  The user does not get prompted to login, as the services are not accessed directly.  Currently only a link to authorize is sent back as the response (I don't want the user to leave the map to login).  Considering the user has already logged into the map via Portal, how can I use this initial Portal authentication as a SSO, and pass through/accept the authenticated user in the custom .Net Core service?

Tags (3)
0 Kudos
0 Replies