Maybe I should have known that it was all too good to be true. A client organization wants to publish web apps created in their ArcGIS Server Advanced Portal environment to anonymous users (i.e., anybody with the URL link can view the web app). The web apps created by Portal’s Web Application Builder work fine inside the organization’s firewall. All contributing content (e.g., web maps), and the web apps themselves, are shared to Everyone. However, anonymous users outside the firewall cannot access the web app—the web app viewer starts up, but hangs on displaying any content. Fiddler lets me know that a resource that is directed internally cannot be accessed, and we can probably get this tracked down. But it got me thinking: maybe anonymous access to Portal-produced content really can’t happen at all. One thread on this forum from an Esri staffer sates that “it is worth noting that Portal is intended to be an internal solution. There may be some means to get this working for external clients and it might be technically possible. This is where AGOL comes in…” No doubt about AGOL, but one of the reasons the client went with Portal was to minimize those credits they were burning with AGOL.
This 2015 UC Q&A exchange answered the question (I thought):
“Portal for ArcGIS can be accessed by anonymous users and named users. The ArcGIS administrator can grant additional privileges to named users. For example, an administrator can grant a named user permissions to use content from a particular group in the portal or to create and share maps with others. The number of anonymous users that can access a portal is unlimited. The number of named users that can access a portal is defined by your Portal for ArcGIS Named User License.
Use public web maps and web applications?
Anonymous User: YES Named User: Yes”
So the basic question is this: can web apps created by Portal’s Web Application Builder be consumed by anonymous users (provided proper permissions/ports/SSL/other-black-magic settings are correctly configured)? If “yes”, then we can surely struggle on to ultimately figure it out, but it would be helpful if there were a source reference that addresses anonymous user access configuration directly.
Thanks to anyone who can shed light or empathy.