Authentication through ArcGIS Online for customized Web Apps

Thanks Robert. I do allow anonymous access to my organization that is mentioned as a workaround. Perhaps the behavior I see is still related to that issue, who knows?

The documentation here Deploy app—Web AppBuilder for ArcGIS (Developer Edition) | ArcGIS for Developers is informative (and seemingly straightforward). Do you think this is a bug and I should get in touch with ESRI? Or is it actually behaving as it should (i.e. prompting users to sing in to ArcGIS Online upon being redirected to the web app)?

Tobias,

   I am not 100% sure. I don't use the same workflow. I have a proxy setup that handles all the secure service login stuff. I would definitely call esri tech support and get confirmation as to whether this is the intended behavior or not.

Oh, didn't see you post until just now. With your proxy setup, do you still use ArcGIS Online for authentication purposes, or do users authenticate directly to your ArcGIS Server site? I'm asking because I'm in the process of figuring all this out for my organization (we currently have ArcGIS Server, token based security, Windows AD for identity store, and so many users that buying ArcGIS Online usernames for all of them would be pretty pricey. Yet authenticating to the ArcGIS Server map service directly looks and feels clunky and is very inconvenient on mobile devices). If you have any information to share how you use a proxy setup I'd love it. Otherwise thanks for sharing all the good web app builder widgets and knowledge with the community.

Tobias,

  Actually the proxy (for me) works as a bypass mechanism to the authentication. My app has been setup in the proxy to go and authenticate with the secure services and work seamlessly to consume my secure services without authentication by the user. But if someone attempts to access the services without going through my app they will be challenged for authentication. This does not sound like the work flow that you are looking for though. It sounds like you want to allow access to your app based on the access level of the authenticated user.

"It sounds like you want to allow access to your app based on the access level of the authenticated user." Correct Robert, that's what I'm trying to accomplish and it is a different use case that yours. Thanks.

Robert,

     Your work flow is what I would like to implement. I'm using web appbuilder 1.0 developers edition. My services and app are registered with AGOL, although on AGOL I would not like to share the items with "Everyone" or groups. And also would like to have application authentication so my users do not login. I installed the web appbuilder and designed the app on my local machine, then downloaded the application and placed it on my web server. I think I'm not setting up my proxy correctly. Can you give insight into how you've set up your proxy, such as which parameters you're using? I'm using url, oauthEndpoint, clientId, clientSecret, rateLimit, rateLimitPeriod, matchAll.

My url="http://adacountyitgis.maps.arcgis.com/".

My oauthEndpoint="https://www.arcgis.com/sharing/oauth2"

Am I missing something? Or wrong values? Or totally offbase for this setup?

Thanks,

Ryan

What settings in your proxy allow this kind of access Robert? I am trying to mimic this EXACT workflow and hitting continuous roadblocks! Can you share your proxy settings? Something? I'm beyond frustrated at this point.