Community
Select to view content in your preferred language

ArcGIS Authentication Client ID error

445
2
10-06-2024 08:50 PM
Marc_Graham
by
Frequent Contributor
‎10-06-2024 08:50 PM

Hi @MartenHogeweg@Marten,

I am trying to integrate our fresh Geoportal deployment with our 10.9.1 ArcGIS Portal for authentication.

I have deployed catalog to one server and harvester to another server. I have also followed along with the documentation for configuring ArcGIS authentication.

Everything works up until the point geoportal server attempts to get a token from portal. Then I get a 401 Unauthorized error. 

Marc_Graham_0-1728272271779.png

Marc_Graham_1-1728272297324.png

Checking Chrome devtools I see that the client ID/appid that geoportal is passing to Portal is not the same as what I configured in authentication-arcgis.xml:

Marc_Graham_6-1728272684227.png

From Portal:

Marc_Graham_7-1728272978768.png

 

It is hardcoded to "geoportal-client":

Marc_Graham_2-1728272357234.png

I did a quick search for this string in files in notepad++ and found it referenced in two files that are undocumented in the github installation instructions:

Marc_Graham_3-1728272486547.png

AppClient.js:

Marc_Graham_4-1728272524836.png

app-oauth.xml:

Marc_Graham_5-1728272576442.png

Can you please confirm if the clientid needs to be updated in these files for authentication to succeed? Or if there are any other settings that need to be changed?

Thanks in advance,

Marc

0 Kudos
2 Replies
Marten
by
Frequent Contributor
‎10-08-2024 02:53 PM

hi Marc,

some thoughts on using ArcGIS authentication in Geoportal Server:

  • You'll see Geoportal Server requests to ArcGIS Portal sharing API to authorize with the OAuth2 endpoint. This results in a token that Geoportal Server can use.
  • Geoportal uses JWT tokens, so we generate this with a separate request to Geoportal Server's own oauth/token endpoint. This is where the client_id you see in the JavaScript files comes into play. In this process the user's ArcGIS Portal username is used together with a password of the form __rtkn__:<ArcGIS token>.  The Geoportal then uses the passed in token (that was obtained in step 1) for subsequent authentication needs for the current user session.

It looks like you commented out the client-id="geoportal-client" oauth:client element. Can you test reactivating that?

Marten

0 Kudos
Igor_Ruhangara
by
New Contributor
‎03-28-2025 02:45 AM

@Marc_Graham were you able to solve the authentication issue with the client-id="geoportal-client" commented out?

I was having the same error message when signing in however the suggestion from @Marten did not work for me.

0 Kudos