Differences among authentication tiers for ArcGIS Server federated with Portal

04-09-2018 10:36 AM
New Contributor

My organization is running ArcGIS Server (version 10.5) federated with Portal. On our rest services directory there is no "Get Token" link, which from what I've read is tied to our server's authentication. Is this the case?

If we were to update our Authentication tier on our server (we have three options: GIS_SERVER, WEB_ADAPTOR, ARCGIS_PORTAL - with ArcGIS Portal currently set) would that affect whether a "Get Token" link appears in our rest services directory? I'm familiar with the Generate Token interface (https://.../sharing/rest/generateToken), but this interface doesn't allow the creation of 1-year tokens.

What are the differences among the three authentication settings, is there info on this somewhere? The info I've found on Web-tier or Portal-tier authentication is very brief, and I'm wondering what impact changing the server authentication settings will have on our Portal.

1 Reply
Esri Regular Contributor

According to the Rest API the the maximum length is 15 days


Generate Token—ArcGIS REST API: Users, groups, and content | ArcGIS for Developers 

If you have federate your Server with Portal the Authentication tier is ARCGIS_PORTAL.

For the GIS_SERVER and WEB_ADAPTOR Authentication tiers see here information Configuring ArcGIS Server security—ArcGIS Server Administration (Windows) | ArcGIS Enterprise 

Once you have the Server federated with Portal is not good idea to change the Authentication tier from ARCGIS_PORTAL.

An alternative solution is to use Proxy page GitHub - Esri/resource-proxy: Proxy files for DotNet, Java and PHP. 

and use Username and Password.