Support limit access to hosted feature service for hosted feature services that are not secured

05-31-2019 11:45 AM
Status: Open
Occasional Contributor III
It is possible to limit access (e.g. by IP address) to secured hosted services in ArcGIS Online for public-facing web applications as detailed in this Esri technical article:
Step 3b requires the user to store credentials with the service item using a built-in type ArcGIS Online user account. Somne large organizations require the use of SAML-based authentication for ArcGIS Online and therefore cannot support this workflow.
Request and use case:
It is requested that the ability to limited access (e.g. by IP address) is extended to non-secured ArcGIS Online hosted feature services in addition to secured services.
A user has developed a web application using the Esri ArcGIS API for Javascript; this application is hosted at a location with a static IP address. The application renders and is dependent upon services hosted in ArcGIS Online. The user requires that the services are accessed only by the specified application.
Based on the user and the Department requirements, the services must be:
- Shared with Everyone
- Accessible only by a specified IP address