Has anyone yet had any experience of integrating an On-Premise ArcGIS Enterprise deployment with Azure AD Application Proxy? I'm particularly interested in achieving Single Sign On for On Premise users as well as external users.
I've not yet been able to perform a test, but would be interested to hear of how others have got on with getting the two to work together, and whether there are any lessons to be learnt?
We have documentation on how to configure Portal for ArcGIS with Azure AD:
This looks like the Documentation from the Azure side of things:
I've not actually set this up on my own but potentially someone in the community has and can share the experience had on this thread.
Hope this helps!
We are also having issues trying to implement Azure Enterprise Application Proxy. We have it working with SAML and working really well in browsers, but when it comes to ArcGIS Collector App this does not.
When you got the AAP to work with ArcGIS Enterprise in browsers, did you use Pre-authentication or Pass through? I am interested in using AAP for webapplications hosted in Portal, but I need it to work with pre authentication.
Hi David Martin,
You may want to take a look at your 'pre-authentication' configuration for the Azure App Proxy.
The "Azure Active Directory" setting causes a 302 redirect for users to sign in with Azure AD credentials and is currently known to be problematic for the ArcGIS Field Apps suite.
Using the "Passthrough" setting won't require users to authenticate with Azure AD and client requests will be forwarded to ArcGIS Enterprise. The following link may provide further detail: Tutorial - Add an on-premises app - Application Proxy in Azure AD | Microsoft Docs
credit to Philip McNeilly for this product support knowledge.