Community
Select to view content in your preferred language

Allow Field Maps (Android) to Refresh Stored Authentication Token After Windows Password Change

185
0
3 weeks ago
Status: Open
Tom_Laue
by
Regular Contributor

Feature Request: Allow Field Maps (Android) to Refresh Stored Authentication Token After Password Change

Product

  • ArcGIS Field Maps (version 26 1.1)
  • ArcGIS Enterprise 11.3
  • Platform: Android 13 (Zebra tablets) 
  • Authentication: Portal for ArcGIS using Windows OAuth (via VPN)

Background / Problem Statement

In our environment, users access ArcGIS Field Maps on Android Zebra tablets while connected via VPN to our ArcGIS Portal, which authenticates using Windows OAuth.

Due to company security policy, Windows passwords must be changed every 90 days. When a user changes their Windows password, Field Maps on the Android device is unable to authenticate using the new credentials.

Current Behavior

  • Field Maps stores Windows credentials as an authentication token on the Android device.
  • After a Windows password change, this token cannot be overwritten by entering the new password in Field Maps.
  • As a result, users are unable to log in to Field Maps.
  • The only workaround is for the user to physically bring the device to IT so staff can manually clear the app cache.
  • Until this happens, the user is completely blocked from using Field Maps.

Business Impact

  • Field users lose productivity and may be unable to work in the field.
  • IT staff must spend time manually clearing cache on devices every 90 days.
  • This creates an unnecessary operational bottleneck for a routine and mandatory security process.
  • The issue scales linearly with the number of users/devices.

Current Workaround

Every time a user resets their Windows password:

  1. The user must bring the tablet to IT.
  2. IT clears the Field Maps app cache.
  3. The user can then log in again with the new credentials.

This process repeats every 90 days for every user.

Requested Enhancement

Update ArcGIS Field Maps (Android) to support one of the following behaviors:

  • Automatically invalidate and overwrite the existing authentication token when a user enters new credentials after a password change
    or
  • Detect an authentication failure due to invalid credentials and prompt the app to refresh or regenerate the token or
  • Provide an in-app option (or MDM-manageable setting) to clear cached credentials/token without requiring IT intervention

Expected Benefit

  • Eliminates unnecessary IT involvement for routine password changes
  • Restores user access immediately after password updates
  • Improves Field Maps usability in enterprise environments with standard security policies
  • Reduces downtime for field crews and support staff