Connect with SSO on Experience Builder application deployed in Enterprise

JasonBOCQUET · ‎10-25-2023

Hello, I try to develop my application in Experience Builder Developer.

I I successfully deployed my application to my Portal but when I share the link to my colleagues, they can't access to my application.

I set the share parameter of the layer in the application to "Organization only" because we don't want to publish data.

So when they click on the link, a pop-up asks them to enter their username/password to access to the application. But we use SSO with our Windows session IDs. If we use it to log in and use the app, it doesn't work.

How can we configure all of this so that the login/password request is SSO?

AngelaSchirck · ‎10-26-2023

I'm not quite sure what you mean, how do YOU log in? We use an SSO, to login to Enterprise we click the link to our SSO, then put our SIM credentials. See image:

Which takes us here:

JasonBOCQUET · ‎10-26-2023

Yes I know about that. But when I share the link of my arcgis experience builder, the application ask my users to type a login/password in a pop-up, not in the same windows that your screenshot is.

AngelaSchirck · ‎10-26-2023

Oh, i know, something like this:

Did you use developers ed of EB? Can the people in your org sign in first and then access the app?

I'm not sure how to get around that...This might be a question for ESRI Support.

JasonBOCQUET · ‎10-26-2023

Yes exactly that !

And yes I use developer edition of experience builder.

If people sign first in their account, they can access to the application. But it would be better if when I send a link to my colleagues, they can also choice to connect by the SSO and not with this strange login/password popup.

I think I have to contact ESRI support.

AngelaSchirck · ‎10-26-2023

One way around it...in our org we created an "admin" user that logs in directly not using the SSO. So if I log in with this account it works. You could possibly do that and give your colleagues these login credentials to view the app.

JasonBOCQUET · ‎10-26-2023

It could be a solution but not in long-term approach. If anyone move out of the society, we have to change the ID's. And this, everytime anyone leave the society.

Thanks for the idea !

JeffreyThompson2 · ‎10-26-2023

That sounds super dangerous. I would not recommend that.

GIS Developer
City of Arlington, Texas

JasonBOCQUET · ‎10-26-2023

you mean about security ? I take note of your prevention.

JeffreyThompson2 · ‎10-26-2023

The suggestion above gives everyone a password that gets around whatever safeguards are on your company's SSO and gives them Admin access to your ArcGIS Enterprise. A malicious actor could literally destroy your entire Enterprise. And as it is a shared password, they could log in months after they got fired, blow up your system and you would never be able to prove who did it.

GIS Developer
City of Arlington, Texas