Community
Select to view content in your preferred language

Generating Token via REST API

1655
7
Jump to solution
03-04-2024 06:29 AM
CodyPatterson
by
Frequent Contributor
‎03-04-2024 06:29 AM

Hey All,

I've been attempting to get to know the REST API a little more, and I have found some odd issues with generating a token.

I seem to only be able to use the PSA account siteadmin to generate a token. I attempted to use portaladmin and another built in account, but I continually am met with "Invalid username or password", when I am quite sure that the case-sensitivity has been tested, along with the password correct.

Is it only possible to generate a token via ArcGIS Server accounts? I attempted to create a user through the Server security settings and it still did not work.

Enterprise 11.2, ArcGIS Server federated with ArcGIS Portal.

Any ideas?

Thanks in advance!

Cody

0 Kudos
2 Solutions

Accepted Solutions
Thomas_Puthusserry
by
Frequent Contributor
‎03-04-2024 08:38 AM

Hi @CodyPatterson there are a couple of steps involved here, if you are going to access a resource via REST api. One of the option is to create a user account with edit role (will need creator license in the portal), add that user to a group (you may have to create a group with shared update enabled so that all users in that group can edit feature layers shared with them) and then  share the feature layer which you want to edit as an item to that group. 

You can then use that user credentials to generate token like this:

https://yourportaldomain.com/portal/sharing/rest/generateToken

Since the gis server is federated, the authentication to the server will be handled by the portal

Hope this helps.

Thomas

 

 

View solution in original post

0 Kudos
CodyPatterson
by
Frequent Contributor
‎03-04-2024 12:21 PM

Looks like I've found the issue, apparently I needed to use the referer URL in order to accomplish this, so setup the token through the portal/rest directory, and then use a portal login with the referer being the actual ArcGIS Server.

Thanks for the help @Thomas_Puthusserry, definitely pointed me in the right direction!

View solution in original post

7 Replies
JoshuaBixby
by MVP Esteemed Contributor
MVP Esteemed Contributor
‎03-04-2024 06:51 AM

It would help if you provided a bit more information.  It sounds like you are talking about an ArcGIS Enterprise deployment with portal and federated ArcGIS Servers (as opposed to stand-alone ArcGIS Server), correct?  When an ArcGIS Server is federated with a portal, the authentication goes through the portal except for the built-in PSA account.  The portal provides a token to use with the federated ArcGIS Server, you don't login directly to AGS with portal credentials.  What REST calls specifically are you using?

0 Kudos
CodyPatterson
by
Frequent Contributor
‎03-04-2024 07:06 AM

Hey @JoshuaBixby 

That is correct, Enterprise 11.2 with portal and federated servers. The REST call we are attempting to use would be the addFeatures POST request, a token would be required to use these services.

We have an application that we would like to move certain POST requests from pointing to a third-party vendor to instead point into ArcGIS Server to create the necessary points, lines, and polygons. I would like to not use the siteadmin credentials when performing these operations as that seems like a non-security conscious decision.

Hope that clears things up!

Cody

0 Kudos
Thomas_Puthusserry
by
Frequent Contributor
‎03-04-2024 08:38 AM

Hi @CodyPatterson there are a couple of steps involved here, if you are going to access a resource via REST api. One of the option is to create a user account with edit role (will need creator license in the portal), add that user to a group (you may have to create a group with shared update enabled so that all users in that group can edit feature layers shared with them) and then  share the feature layer which you want to edit as an item to that group. 

You can then use that user credentials to generate token like this:

https://yourportaldomain.com/portal/sharing/rest/generateToken

Since the gis server is federated, the authentication to the server will be handled by the portal

Hope this helps.

Thomas

 

 

0 Kudos
CodyPatterson
by
Frequent Contributor
‎03-04-2024 08:47 AM

Hey @Thomas_Puthusserry 

Thank you for the response! It was very straightforward so I appreciate that, I attempted to create the token and use it in the same way I had before using a GET request, and it now states Invalid Token. I attempted this with IP Address and IP Address of this request's origin.

CodyPatterson_0-1709570815730.png

 

CodyPatterson_1-1709570850613.png

 

Cody

0 Kudos
Thomas_Puthusserry
by
Frequent Contributor
‎03-04-2024 08:53 AM

If you use a token generated by the PSA does that work to edit on the layer? If so you may want to login in a different browser with the user credentials created and used to generate the token and check whether you can edit the feature layer in question.  

0 Kudos
CodyPatterson
by
Frequent Contributor
‎03-04-2024 08:59 AM

Hey @Thomas_Puthusserry 

Thank you for the quick response, I attempted with the Portal PSA and it remained the same, I attempted with the Server PSA as well and got Invalid Username or Password on the token generation, I assume due to it being a Server account not a Portal account. I was able to edit on both PSA and account tested, very unusual stuff!

Cody

0 Kudos
CodyPatterson
by
Frequent Contributor
‎03-04-2024 12:21 PM

Looks like I've found the issue, apparently I needed to use the referer URL in order to accomplish this, so setup the token through the portal/rest directory, and then use a portal login with the referer being the actual ArcGIS Server.

Thanks for the help @Thomas_Puthusserry, definitely pointed me in the right direction!