Restrict editing to authorized users while leaving the map viewable to the public

BrettGreenfield__DNR_ · ‎11-21-2013

I've created a service that will be made available to the public which expects to see fairly regular updates. Unfortunately, now that I've created the dataset it's leaving my hands, and the group that plans on making the updates doesn't have anyone with ArcMap on their computer, thus any updates would have to go through an ArcGIS Online map. I know I can configure a service to allow editing, but my concern is that ANYONE (with the know-how) could also edit the service and make unwanted changes. I also know I can allow access only to a private group, but then the public can't view the service.

Is there a way to limit the editing capabilities to certain people, while keeping the service viewable to the public? I was thinking there might be a way to create a separate version of the service with editing capabilities, open it to a private group, and synch the public version of the service to the private version, but I'm not sure if that's possible.

PaulDoherty · ‎06-02-2015

Thanks Mike.

I typically point people to this page and suggest the Edit With Full Control workflow. Please let us know when there is a better workflow, so many people rely on public maps that they can update during disasters.

Best practices for using layers in maps—ArcGIS Online Help | ArcGIS

YovavZohar1 · ‎01-20-2016

Hi Mike,

is there any advance regarding the ability to grant a group of organizational workers to edit certain Hosted Feature layers in a Web-Map (using Collector), while maintaining public access to the same Feature layer with watch only capability?

I've tried using the "members can update all items in this group" in a special editing group, but it doesn't work for Web-Maps - only for the Feature layers themselves, thus doesn't fit the Collector app

Thanks in advance,

Yovav Z.

nspittlemeister_LCFPD · ‎07-05-2016

Yovav,

Have you heard about any movement on the ability to grant organizational users the ability to edit hosted layers in a web map so that data that is being edited in Collector is not also editable in AGOL to the public?

Thanks,

Nick

YovavZohar1 · ‎07-05-2016

No, unfortunately.

Though, there is a partial solution from a different approach.

In the organizational custom roles you can now define a role without Editing permissions, regardless It's other privileges:

Anyway, that is a solution for within the organization and it doesn't solve the "Public" issue.

nspittlemeister_LCFPD · ‎07-06-2016

Thanks for the response. I found some documentation on a work around that in a roundabout way solves the public issue. There is also an ArcGIS Idea to make this process easier.

Nick

MaterMaps · ‎01-19-2015

Do you have any update on this "Under Development Project".

It is a critical feature.

PaulDoherty · ‎06-02-2015

Here is a brief explanation. For now Full Editing Control is the best option for Public Maps, in my opinion. More best practices from this link: Best practices for using layers in maps—ArcGIS Online Help | ArcGIS

"Control who can update your data

If you want everyone who has access to the hosted feature layer to be able to update the data, enable editing and choose the type of edits you want others to make. For example, you can restrict editing to adding features only or updating existing features only. You can also allow everyone to add, update, and delete features. Be aware that if your hosted feature layer is shared publicly with editing enabled, the general public will be able to edit the data.

As the owner of the features stored in the map, you can perform edits within the map viewer using the editing tools that come with the map viewer. When working with a hosted feature layer, the owner of the features and any administrator of the organization can also choose to open the layer with full editing control even if editing is disabled. (To open the layer with full editing control even if editing is disabled, open the item details, click Open and choose Add layer to new map with editing enabled from the drop-down list. You can also choose this option from the item title drop-down in My Content). This will ensure that only authorized or trusted members of the organization, such as you the map owner and administrators, can edit your data."

Andrew Stauffer Andrew Stauffer Any update to this issue or more resources related to the topic?

ThomasKonzel · ‎03-22-2016

Although Shawn Kraft originally penned the technique back in April 2014, some official Best Practices documentation finally arrived in the link above which highlights his process to limit undesired public editing of feature services.

MichaelKelly · ‎08-30-2016

I think this documentation should give you the functionality you want. It details how to limit access to public ArcGIS Online layers!

nspittlemeister_LCFPD · ‎08-30-2016

I have tried this documentation and it worked for a Collector workflow where the public can see the layer in a map and organizational users can edit the layer. The problem I had with this process is when the public layer is incorporated into Web AppBuilder and I tried printing with the public layer turned on, I would get an printer error message (see this thread).