AnsweredAssumed Answered

ArcGIS Portal REST: Which token dispenser to use to access secure map services?

Question asked by vandervoort on Jan 26, 2016
Latest reply on Jul 22, 2018 by robert_DataVision

We are writing a REST application to access AGS map services. We cannot use the ArcGIS JSAPI - everything I do can only use REST verbs (GET, PUT, etc.)

  • We want to access secure map services that are hosted on-premise on ArcGIS Server

  • We have on-premise Portal for ArcGIS Server

  • ArcGIS Server security (User Store, Role Store, Authentication Tier, and Authentication Mode) uses Portal for ArcGIS

 

To get an Oauth2.0 token I can use this URL:

https://<DOMAIN>/portal/sharing/rest/oauth2/token?grant_type=client_credentials&client_id=<CLIENT_ID>&client_secret=<CLIENT_SECRET>

 

Which returns a JSON payload like this:

{"access_token":"fCsz6hbXOsnjfIt1j30HAofVMcu3xEhnsgao2rq4_98xOAlf72oR17LYvj1gydJ7ZYnhzxzU4G-vBWNW_0thHQqSYt-HDuzVenv-v6nws1xkGu6XOI3peobXFobZo5QV6NcglZYF6YiFbMM8MPdE7A..","expires_in":7200}

 

To get an old-fashioned REST token I can use this URL:

https://<DOMAIN>/portal/sharing/generateToken?f=json&username=<USERNAME>&password=<PASSWORD>&clientip=requestip

 

Which returns a JSON payload like this:

{"token" : "KfD9KGedbu2lDrBc2umSVv08XDFCsU8HuKU0yBiFoFk375ahReXmcfVBbsGbGr1iotf003H319dG35T-7Q5-c933dWD0dfLPaflTu4QucS4jJ2Zcz0oIprFspEzk78tHky0IeuHswBudKDbebOQISQ..","expires" : 1453833598866,"ssl" : true}

 

I want to access:

https://<DOMAIN>arcgis/rest/services/SampleWorldCities/MapServer?f=json

 

In the pre-Portal for ArcGIS days of REST I could use a URL:

https://<DOMAIN>arcgis/rest/services/SampleWorldCities/MapServer?f=json&token=<SOMETOKEN>

where <SOMETOKEN> was obtained from the REST token dispenser.

 

HOWEVER: neither of the tokens I’ve obtained from the Portal dispenser nor the REST dispenser work. Both return:

{"error":{"code":498,"message":"Invalid Token","details":[]}}

 

THE QUESTIONS:

  • Which token dispenser do I use?

  • How do I string together a URL that uses a token I have obtain (from the correct source) then I can use to access our secured services?

 

TIA

Outcomes