The Portal for ArcGIS documentation states:
Everyone—Sharing with everyone makes your item public; anybody who has access to the portal website can find and use it, and group owners can include it in their group content.
If your Portal uses SAML Authentication and has Anonymous Access toggled OFF what is the risk of setting content to Public?
The reason for the question is that many other GIS applications (QGIS, Global Mapper, etc) cannot access secured services content at this time, so I'm trying to get a better understanding of what 'Everyone' means and what the risks are.
Does this mean that web crawlers, bots, etc could find the content and it could end up being shown in ESRI's ArcGIS Online?
Does it mean someone that someone would need to 'stumble across' the correct URL to get at the content?
Any suggestions/comments/guidance would be greatly appreciated.
Warren
I believe that when it shared with everyone that anyone can find and view the layer or map without needing to sign in. Yes if they access a url with that layer or map they can view everything that is in it.
I am not sure about the SAML Authentication part of the question though.
Share items—ArcGIS Online Help | Documentation
"Share items with your organization or everyone, and a group
Share your items with your organization and a group if you want only members of your organization to have access to it, but you also want to highlight the content for a specific group. For example, a risk management analyst for an insurance company might need to share certain items with all members of their organization but cannot allow nonmembers to have access to them. The analyst may also want to share the items with a group composed of the other risk management analysts to make the items easier to find.
If you want to share thematic content with a subset of users or organize your content into a collection of items, but you also want everyone to have access to your item, you can share your item with a group and with everyone. For example, a fire agency that produces burn maps might want the general public to find and view the maps but also want members in the fire agency group to use the maps as templates for creating their own local versions."
If your Portal uses SAML Authentication and has Anonymous Access toggled OFF what is the risk of setting content to Public?
In that case 'Public' means anyone with a saml login. For example; I produce a ton of dashboards to be used internally, so the maps and data are on a saml protected portal as are the dashboards themselves; all are shared to everyone, so if a council member wants to see one of my dashboards, all (s)he needs is the internal portal url and hit it from a saml computer...
Thanks so much for the info Joe.
That is really what I was hoping 'Public' meant in this authentication context, but I have been unable to find anything in the documents that indicates this. Have you ever come across this in the docs anywhere?