Community
Select to view content in your preferred language

esri_aopc missing

417
4
Jump to solution
06-24-2025 05:02 AM
Bernd_Loigge
by
Regular Contributor
‎06-24-2025 05:02 AM

Hi @JeffSmith ,

We're facing the same or a similar issue as described in the linked post. We are on ArcGIS Enterprise 11.3.

Our custom JavaScript application uses the IdentityManager to authenticate against our Enterprise Portal. However, the esri_aopc cookie is never created. Embedding Dashboards and Scene Viewer within our application via iframes works fine, but embedding StoryMaps via an iframe always results in a login screen.

When the user clicks the login button, the StoryMap fails to load and the login screen is shown again. On the second attempt, the StoryMap opens in a new browser tab with an error.

In the browser's developer tools, I can see that when clicking the login button the first time, login.microsoftonline.com tries to set the esri_aopc cookie — but because it's a third-party cookie (despite everything running under the same domain), it fails. I assume this happens because the login flow runs inside an iframe and is treated as third-party by the browser.

Is there any supported way to force the creation of the esri_aopc cookie during the login process via IdentityManager?

I'm also unsure whether the workaround mentioned in the linked post is considered a recommended or supported Esri approach.

Thanks in advance!

0 Kudos
1 Solution

Accepted Solutions
Bernd_Loigge
by
Regular Contributor
‎06-24-2025 07:46 AM

After a bit of reverse engineering and inspecting the redirect URI used when logging into the portal, I discovered that the OAuthInfo for the portal sets the appId value to "arcgisonline".
Previously, we had been using the application item's appId (client ID) from the portal for our JavaScript application.

However, when we set the appId to "arcgisonline"—just like the portal does—the esri_aopc cookie is set correctly, and StoryMap items can be displayed within an iframe.

View solution in original post

0 Kudos
4 Replies
Bernd_Loigge
by
Regular Contributor
‎06-24-2025 07:46 AM

After a bit of reverse engineering and inspecting the redirect URI used when logging into the portal, I discovered that the OAuthInfo for the portal sets the appId value to "arcgisonline".
Previously, we had been using the application item's appId (client ID) from the portal for our JavaScript application.

However, when we set the appId to "arcgisonline"—just like the portal does—the esri_aopc cookie is set correctly, and StoryMap items can be displayed within an iframe.

0 Kudos
JeffSmith
by Esri Contributor
Esri Contributor
‎06-24-2025 09:48 AM

Hi @Bernd_Loigge 

Yes, you are correct.  The esri_aopc cookie only gets set for specific clientIds - "arcgisonline" is one of them.  Another one you could use is "arcgisstorymaps".  The StoryMaps app needs the esri_aopc cookie to load properly.

0 Kudos
Bernd_Loigge
by
Regular Contributor
‎06-25-2025 12:11 AM

Thanks for the confirmation, @JeffSmith 
Is there any documentation on when to use the client ID of an application item versus using “arcgisonline” or “arcgisstorymap”?
We spent quite a bit of time identifying the issue in the end.
Some guidance on this topic (perhaps here ) would have been very helpful.

0 Kudos
Bernd_Loigge
by
Regular Contributor
2 weeks ago

@JeffSmith - do you have further information on this topic? One issue we now encountered is, that unfortunately setting the expiration value to one day (like we had it before) is not taken into account when using "arcgisonline" as appId.

0 Kudos