Reference secured service with SAML from another ArcGIS Enterprise

99
2
07-01-2020 12:18 AM
Highlighted
Regular Contributor

Hello,

I would like to reference in my ArcGIS Enterprise A a secured service from another ArcGIS Enterprise B configured with SAML authentification (to another IDP than my ArcGIS Enterprise A).

When trying to add this layer on my ArcGIS Enterprise A, it detects that the service is secured and prompt me for a username and password. The problem is that I have access to this other ArcGIS Enterprise B with an account from this IDP and not a built-in ArcGIS account.

How I am supposed to do ? 

What I had in mind was not to store the credentials, register my ArcGIS Enterprise as an "OAuth client" on that ArcGIS Enterprise B, and I was hopping that when adding this layer in my mapViewer it would then show their "autorize" popup as my ArcGIS Enterprise A has been registered on their ArcGIS Enterprise B.

Is that a non supported workflow ? If not, any workaround ?

Thanks !

Reply
0 Kudos
2 Replies
Highlighted
Occasional Contributor II

Unfortunately, it is not possible to use SAML accounts for token authentication as this would present a security concern that undermines the purpose of using a SAML IDP. 

If Enterprise B still has built-in accounts with access to the secure service (such as the default portal administrator account), entering those built-in credentials would work to access that service. 

If you want to share secure services between two Portals using SAML accounts, I would recommend using the Distributed Collaboration method instead.

Reply
0 Kudos
Highlighted
Regular Contributor

Thanks for your reply !

Reply
0 Kudos