Reproduce hosted feature layer view data security for NON-hosted feature service?

03-01-2023 11:27 AM
Occasional Contributor

Hi all,

I've deployed a survey to our Enterprise using Survey123 Connect and a feature service pointing to a feature class in a SQL Server database. The issue here is that the survey is built to contain personal contact information and while I've been able to lock down the feature service to only allow record creation and disallow map rendering, querying, and export, you can still view individual values in a dropdown by using the filter tool in a web map and setting it to find unique values for a given field (image attached). Since you can only peek at one value in one field at a time this way, no one can really make any data associations, but I'd prefer to prevent this workaround by disabling filtering outright. I understand that the recommendation here is to use a hosted feature layer view but we're really trying to keep everything within our data server and out of the Data Store.

Is there a way to do this? I've tried to cover all of the other security angles but if this can't be secured to the greatest extent possible then I'll have to go another route.

Thank you!

2 Replies
Esri Regular Contributor

Hello @BenClark

Are the values that are displaying in the filter UI in a domain? If so, removing the domain will prevent them from displaying. 

If the values are not in a domain, is query enabled on the feature service?

Thank you,
Occasional Contributor

Hi Zach,

Thanks for putting some thought to this. I do have a few domain fields, but the filter tool is also able to pull up values that reside in an open text field, e.g. names entered by users. Querying is disabled (screenshot of the feature service settings is attached).

Related: In a test hosted feature view of the same data I notice that the filter tool can see field names, and can also look up values in a three-domain field, but for anything else it returns an error about there being too many values, which is a little better than what I see in my non-hosted service but still seems kind of like an unintended query behavior to me. I'd still take that over what's able to be seen in my non-hosted service though...
