How does the sharing of credentials/tokens work between trusted servers?

DarkoRadiceski · ‎03-12-2018

We have a javascript application which uses OAuth2.0 authentication to access secured services on our AGOL portal. On successful sign in, a token is returned and any services the user has permissions to access are displayed to the user. We also want to access secured services from another portal. In order to access the secured services on other portals, users have to put in credentials in multiple sign in dialogs. If you have 3 portals you have secured services on you end up having users sign in 3 times to view all content.

Is it possible via trusted servers in the security settings on portal to limit that Sign in to only 1 dialog so credentials are shared between trusted servers? Is it even possible? Or is our workflow above the way it should behave?

KellyGerrow · ‎03-15-2018

Hi Darko,

Are the users accessing your services ArcGIS Online members? If so, you may want to look into registering your secure services with ArcGIS Online and storing the credentials with the item. This will allow you to use the ArcGIS Online Security model to provide access to these services through their ArcGIS Online Username and Password instead of 3 different sets of credentials. This would require token based security for your local services.

-Kelly