After exploring options with an ESRI Support Services representative, it was determined that no current functionality exists with the ArcGIS Python API to limit access / usage for secure services feature layers with stored credentials.
Manually in ArcGIS Online (AGOL) now, one can create a secure service of an existing hosted feature layer by storing their credentials (ArcGIS Online username and password) within the new service itself (see here). After this, one can then alter the settings of the new secure service to Limit Usage of the service by enabling a timed rate limit and specifying very specific IP or URL addresses where the service can appear. Following the documentation in the following links will lead you to this look on a browser:
While it is possible to add a web layer with stored credentials to ArcGIS Online using ArcGIS API for python, there does not seem to be a way to set limited access to these secured hosted services using the ArcGIS python API. This would be a valuable feature for organizations that want to be able to use the AGOL platform to publicly display and share data with personally identifiable information while protecting that data from full public access. Particularly in combination with Hosted Feature Layer Views (see here and here), these secure services can allow curated snapshots of datasets that include data that the publishing organization or their data partners/stakeholders do not want to be accessible to the general public in ways that public feature layers are on AGOL.
Current workflows are still being explored on how to circumvent this python API limitation by using python in combination with other API services like JavaScript API and REST API. However, the ability to achieve these ends all from within the ArcGIS python API itself would be a valuable feature.
Current arcgis library version: 1.8.4
Note: Cache control may be a parallel yet complimentary additional missing python API functionality for ArcGIS.
I believe this is already possible. After accessing the item, check the serviceProxyParam property, there you will find the information required. I believe this is the correct syntax:
{ "referrers": ["https://foo.com", "https://bar.com"],
"hitsPerInterval": 1000,
"intervalSeconds": 60
}
@HuubZwart My issue is that I cannot yet find the `serviceProxyParam` property in python. I can access the web service item in python and see a good number of its other properties. I can also manually edit these service proxy parameters in ArcGIS Online. Exactly how in python should I access an item's `serviceProxyParam` property?
I'm not finding a lot of other documentation on this in the arcgis python API reference documentation or elsewhere.
Update: @HuubZwart was correct. This is a item of the properties dictionary for secure services that already have URLs or rate limiting data attached to them. The documentation for this can be found here. Furthermore, I wrote a wrapper script below for myself that others may find useful. This idea can be closed.
def change_url_parameters_secserv(secserv: arcgis.features.FeatureLayer, url, append_rather_than_replace: bool = True) -> arcgis.features.FeatureLayer:
""" Add allowable URLs to a secure service! """
# Suggested by a reply to my idea on AGOL API ideas, code developed by me.
# https://community.esri.com/t5/arcgis-online-ideas/automate-feature-layer-limit-usage-access-with/idc-p/1144162/highlight/true#M8692
# Proxy parameter URLs in root feature service, not individual sub-layers.
# Safely get serviceProxyParams, avoiding issues if they don't exist
existing_restrictions = getattr(secserv, 'serviceProxyParams', None) or {}
new_restrictions = existing_restrictions
"""
{
"hitsPerInterval":2,
"intervalSeconds":60,
"referrers":["https://server1","https://server2"],
"[https://*arcgis.com] //*.arcgis.com allows any subdomain from arcgis.com to be added
}
"""
referrers = 'referrers'
if type(url) == str:
# User wants to add a single URL
# convert to list
url = [url]
if type(url) != list:
raise TypeError("URL must be a single URL string or a list of such strings.")
start_clean = False
if append_rather_than_replace:
# Add, don't replace
if referrers in new_restrictions:
# Add new URLs, avoiding duplicates
new_restrictions[referrers] = list(set(new_restrictions[referrers] + url))
else:
# It's new! Start adding.
start_clean = True
else:
start_clean = True
if start_clean:
# initialize the list of URLs the Sec Serv can show up in content.
new_restrictions[referrers] = url
# Now actually update the thing
update_restrictions = {"serviceProxyParams": new_restrictions}
secserv.update(update_restrictions)
return secserv
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.