AnsweredAssumed Answered

Securing REST folders/services by roles

Question asked by vscott1 on Dec 3, 2015
Latest reply on Dec 7, 2015 by vscott1

According to the following page, users who have Publisher's role have access to all services and folders within the ArcGIS Server site.

 

"When a role has its role type set to Administrator or Publisher, members of that role will have implicit permission to access all services hosted on an ArcGIS Server site. This implicit permission cannot be overridden by changing the permissions on a service or folder. "
http://server.arcgis.com/en/server/latest/administer/windows/editing-permissions-in-manager.htm

 

That means, Publishers can stop or delete any services hosted on the site.

For example, if one organization is using ArcGIS 10.x for Server and wants to manage map services by departments, the OOTB ArcGIS Server does not have the capability to hide folders and services from publishers. We want to allow our users to publish and manage their "own" services, but not be allowed to manage any other ones.
Is there any other method to achieve this?

Outcomes