"Allow Portal Access" - does the reverse work?

Jay_Gregory · ‎07-22-2022

I understand how I can configure an AGOL setting for "allow portal access" such that if a user on my 10.9 Enterprise Portal tries to add a secured service from my AGOL to a web map, the user can authenticate to AGOL using SAML Enterprise Login.

However is it possible to somehow configure the reverse (which actually seems like a more compelling use case). If I publish sensitive data to my Enterprise Portal, and an AGOL user wants to add it to an AGOL webmap, I would hope that they could use their Portal Enterprise login (SAML) to authenticate the item. As of now it just prompts for a username and password, no SAML auth prompt at all.

Any thought here?

ahargreaves_FW · ‎10-05-2022

@Jay_Gregory can you tell me how you got the "regular" way to work? As described here I am unable to access secured AGOL content from within my portal

Jay_Gregory · ‎10-05-2022

@ahargreaves_FW I think that is the idea - the user still has to login to AGOL when accessing the content from Portal. Even if your Portal and AGOL use the same login method (SAML), I don't think it's an SSO solution. That is, Portal doesn't pass the user's credentials to AGOL and allow for seamless access - they still need a separate login. It's separate user store. At least that is my understanding.