Hi All, i want to hide the token passed as a query parameter in every map request. The Web App Builder application is querying arcgis portal for resources passing the token every time. I need to hide this token from the query parameter. I found that ESRi has suggested to send the token in the X-ESRI-Authorization header instead of as query parameter in the below link
[Access ArcGIS token-secured web services—ArcGIS Server Administration (Windows) | Documentation for Ar...](https://enterprise.arcgis.com/en/server/latest/administer/windows/accessing-arcgis-token-secured-web...)
Kindly let me know how to configure the JavaScript application to send the token in the X-ESRI-Authorization header instead of as query parameter.
Thanks
Hari
Solved! Go to Solution.
Hi @Omar_A
I'm trying to send a request from AGOL map viewer to geoserver to bring in a WMS. My logged-in AGOL user is federated using Okta and Geoserver is also federated with the same Okta IdP instance. Is there anyway that I can send the bearer/token with the WMS request header so Geoserver can recognise it and doesn't ask for username and pass?
Hi,
Try to modify the code to include the token in the header.
for example, OAuth2 or ArcGIS token authentication, here the exmaple javascript
esriRequest(url, {
query: {
// Set any query parameters here
},
headers: {
"X-ESRI-Authorization": "Bearer " + token
}
}).then(function(response) {
// Handle the response here
}).catch(function(error) {
// Handle any errors here
});
You need to replace url with the URL of the resource you want to access, and token with the token you retrieved.
Hi @Omar_A
I'm trying to send a request from AGOL map viewer to geoserver to bring in a WMS. My logged-in AGOL user is federated using Okta and Geoserver is also federated with the same Okta IdP instance. Is there anyway that I can send the bearer/token with the WMS request header so Geoserver can recognise it and doesn't ask for username and pass?