Community
Select to view content in your preferred language

Reporter App - Securing hosted feature layer

457
4
Jump to solution
03-02-2026 06:17 AM
MCostley
by
Occasional Contributor
‎03-02-2026 06:17 AM

I need to set up a reporter app for data collection from the public with users' names, emails and phone numbers. I realize I can have that data hidden from the map using views, but the underlying REST endpoint is still public with the sensitive info.

I tried setting up limited access using this method: https://support.esri.com/en-us/knowledge-base/how-to-limit-access-to-secured-hosted-services-or-map-... but once the layer is created, reporter is throwing an error that the layer isn't editable.

Is there a way to configure public data collection that actually keeps the data secure, similar to Survey 123?

0 Kudos
2 Solutions

Accepted Solutions
StephanieW
by Esri Contributor
Esri Contributor
‎03-02-2026 08:46 AM

Hi @MCostley this sounds like BUG-000183128: Reporter Instant App displays error message "Web map does not contain any editable layers." when there is a feature layer with sublayers in the web map with the Update setting disabled. The bug is currently under review but enabling the update setting may be a viable workaround until the bug is fixed. 

View solution in original post

BethRomero
by Esri Contributor
Esri Contributor
‎03-02-2026 02:19 PM

@MCostley is your editable data a sublayer in a group? We are looking into an issue, and this could be related if it's grouped. 

View solution in original post

4 Replies
StephanieW
by Esri Contributor
Esri Contributor
‎03-02-2026 08:46 AM

Hi @MCostley this sounds like BUG-000183128: Reporter Instant App displays error message "Web map does not contain any editable layers." when there is a feature layer with sublayers in the web map with the Update setting disabled. The bug is currently under review but enabling the update setting may be a viable workaround until the bug is fixed. 

LakesGISMaps
by
Occasional Contributor
‎03-02-2026 09:43 AM

@MCostley We have been able to do this by adding our editable secured service as an item in AGOL by embedding credentials and then going to the settings of the new item and select "Limit usage" and only allow usage of the item by placing the url of the app that the public uses.  This will only allow access of the item through the app and not allow anyone from the public access to it by any other means in AGOL.

limit.png

url.png

 
BethRomero
by Esri Contributor
Esri Contributor
‎03-02-2026 02:19 PM

@MCostley is your editable data a sublayer in a group? We are looking into an issue, and this could be related if it's grouped. 

MCostley
by
Occasional Contributor
‎03-03-2026 06:16 AM

Yes I believe this was it! Thank you. I republished the layer separately and it seems to be working now.