identity manager login screen in Arcgis Maps SDK for JavaScript 4.28

muygunol · ‎01-10-2024

Hello.
I am having trouble bypassing the identity manager login screen in Arcgis Maps SDK for JavaScript 4.28 version.

To summarize; In Arcgis js api 3.x versions, I could view an encrypted rest service on the arcgis server thanks to the token value I obtained. (For applications created by arcgis web app builder developer edition)

For this process, I obtain tokens using the POST method on the Arcgis server with the user information I obtained from the custom login screen, and then use the esriId.registerToken function and save the login information in json format into local storage.
When directed back to the application, I can use the credentials and serverInfos information in the local storage and bypass the identitymanager login screen with the esriId.initialize function.
(Reference: https://developers.arcgis.com/javascript/3/jssamples/widget_identitymanager_client_side.html)

Get Token

var tokenvalue = $.ajax({
            type: "POST",
            url: generatetokenaddress,
            data: {
              username: username,
              password: password,
              client: "referer&requestip",
              referer: locationaddress,
              expiration: '60',
              f: "json"
            },
            dataType: "json"
          }).done(function (response)

Register Token

            if (response.token) {
              IdentityManager.registerToken({
                server: restserviceaddresss,
                token: response.token,
                expires: response.expires,
                ssl: false,
                userId: username
              });
            };

Set Local Storage

 if (response.token !== undefined) {
              var idString = JSON.stringify(IdentityManager.toJson());
              if (supports_local_storage()) {
                window.localStorage.setItem(cred, idString);

Example of data in local storage for 3.x:

{
    "serverInfos": [
        {
            "server": "https://domain/arcgis",
            "tokenServiceUrl": {
                "promise": {},
                "_pendingDfd": {
                    "promise": {},
                    "ioArgs": {
                        "args": {
                            "url": "https://domain/arcgis/rest/info",
                            "content": {
                                "f": "json"
                            },
                            "handleAs": "json",
                            "callbackParamName": "callback",
                            "timeout": 60000
                        },
                        "url": "https://domain/arcgis/rest/info?f=json",
                        "query": null,
                        "handleAs": "json",
                        "xhr": {}
                    }
                },
                "adminUrl_": "https://domain/arcgis/admin/generateToken"
            },
            "hasPortal": true
        }
    ],
    "oAuthInfos": [],
    "credentials": [
        {
            "userId": "username",
            "server": "https://domain/arcgis",
            "token": "tokenvalue",
            "expires": 1704892574229,
            "ssl": false,
            "creationTime": 1704888975210,
            "scope": "server",
            "resources": [
                "https://domain/arcgis/rest/services/"
            ]
        }
    ]
}

When I want to use the same scenario with the web application produced with Experience Builder Developer Edition, although it initializes the json data shown below and no error message occurs, the identity manager login screen is not bypassed and asks for user login again.

Get Token and register token codes are same like 3.x but configured for 4.28.

4.28 created credential json data in local storage for esriid.initialize:

{
    "serverInfos": [
        {
            "adminTokenServiceUrl": "https://domain/arcgis/admin/generateToken",
            "currentVersion": "10.7",
            "hasPortal": false,
            "server": "https://domain/arcgis",
            "shortLivedTokenValidity": 60,
            "tokenServiceUrl": "https://domain/arcgis/tokens/",
            "webTierAuth": true
        }
    ],
    "oAuthInfos": [],
    "credentials": [
        {
            "userId": "username",
            "server": "https://domain/arcgis",
            "token": "tokenvalue",
            "expires": 1704892922005,
            "ssl": false,
            "creationTime": 1704889323452,
            "scope": "server",
            "resources": [
                "https://domain/arcgis/rest/services/"
            ]
        }
    ]
}

Thanks in advance for your help.

Server and portal info:
Arcgis Enterprise Server 10.7 (not federated and active directory connection available for user management)
Arcgis Enterprise Portal 10.7 for web map. (the web map used is publicly available)

Noah-Sager · ‎01-10-2024

Hi @muygunol, have you seen the 4x samples and tutorials? They might explain how 4x works, compared to 3x.

tutorial:
https://developers.arcgis.com/javascript/latest/tutorials/implement-user-authentication/

sample:
https://developers.arcgis.com/javascript/latest/sample-code/identity-oauth-basic/

experience builder questions:
https://community.esri.com/t5/arcgis-experience-builder-questions/bd-p/arcgis-experience-builder-que...

muygunol · ‎01-11-2024

Thank you for the answer.

In both scenarios for 3.X and 4.X API, I try to use token-Based Authentication services.

There is no problem with the server in a valid token. Because when I add the token value I supplied to the end of the relevant web service, I can reach the service.

In the following stages, esriId.registerToken method and the Credential and Serverinfo values produced for 3.x Api are different from what I produce using 4.x Api. (I mentioned it in my first message.)

3. x Api use; When the application is opened, the "Code: 499, Message:" Token Required "error for the encrypted service layer after the esriId.initialize process.
Immediately afterwards, it adds the token value to the service address and opens the map.

However, in the application that uses 4.28 API, the "Code: 499, Message:" Token Requirered "error is not carried out after the error.

What should be the values of serverinfo and credentals to the initialized content for 4.28 api?

Thanks

ViktorSafar · ‎01-14-2024

Sorry, can't help, but you might get help in the ExB forum: https://community.esri.com/t5/arcgis-experience-builder-questions/bd-p/arcgis-experience-builder-que...

muygunol · ‎03-20-2024

I think there is no progress on the issue. i could not find any solution.
I create a token externally and do everything without opening the experience application, but the identity manager login screen appears again.
I think we need to pass this login information to the map widget section in experience builder. but how?