I have ArcGIS Enterprise 10.5.1 set up in a customer's environment.Their ArcGIS Server is Federated to Portal. Their environment consists of:
They have Web Tier Authentication activated and map services are shared to groups within Portal.
When my token has timed out, if I try to access a webmap through portal's map viewer it fails to authenticate and I get invalid token messages in my browser console and in the Server logs.
If I access the service directory as the same user via the arcgis web adaptor, I find that I need to click the login link and this seems to generate a valid token, that will then allow my webmap to work in the map viewer (or any other web app), until the token times out again.
Can anyone explain why this is happening?
The web server does have an alias to the hostname, but AFAIK everything has been set up on the web server using that alias (not the actual internal hostname). The alias is in a different domain to the internal server name. Don't know if this infomation is relevant but I've included it in case it is.
Solved! Go to Solution.
Dumb question I am asking here: have you gone here About ArcGIS tokens—ArcGIS Server Administration (Windows) | ArcGIS Enterprise and looked at the time-out settings for your short-lived and long-lived tokens in ArcGIS Server?
We had to adjust ours short-lived and long-lived lifespan values to cope with this issue, especially after we implemented the ADFS OAuth2 on our servers; the users sign-in through Portal and after we did this, we had to understand the time-out values settings again - tweaking it so that we did not have these short-lived tokens causing issues.
If you read that topic in that link above, and the sub-topics under that ArcGIS token-based authentication - it may give you better insight into what is going on with your particular situation. Lots of moving parts to orchestrate depending on your security set-up.
Our AZURE system administrator contacted Esri Support and got some good guidance from them on this, real-time.
Anyhow, hope this helps.
I am currently running 10.6.1 and I am getting a bunch of errors related to tokens. Everything still works but it is super slow. Is there a patch like this for version 10.6.1?
Server machine 'https://URL:7443/arcgis/sharing/rest/community/self' returned an error. 'Invalid token.'