AnsweredAssumed Answered

Validation of federate server fail - 'Unknown resource - could not find token service endpoint'

Question asked by gconradie_compassinfo on May 23, 2018
Latest reply on Oct 11, 2018 by minerjoe

Hi

 

I have a Portal instance, available via web adapter on an external url:

https://portal.company.com/arcgis

 

I added a ArcGIS server instance on the same server, available via a second web adapter on an external url:

https://portal.company.com/arcgis2 

 

ArcGIS Server Notes:

  • Administration work via url https://portal.compass.ie/arcgis2/admin 
  • Protocol: HTTPS Only
  • Authentication tier: GIS_SERVER+
    Authentication mode: ARCGIS_TOKEN
    Server role: STANDALONE_SERVER
    User Store Configuration Type: BUILTIN
    Role Store Configuration Type: BUILTIN

 

The intention is to add the ArcGIS server as a federated server and configure it as the hosting server.

 

When I attempt to add a federated server on url https://portal.company.com/arcgis/home/organization.html, I get the error "Unknown resource - could not find token service endpoint.".

 

When I attempt to federate a server on url 
https://portal.company.com/arcgis/portaladmin/federation/servers/federate, it succeed. I can also validate the federated server successfully.

 

After the server are federated via the portaladmin interface, it is being listed as a federated server on the https://portal.company.com/arcgis/home/organization.html page, but flagged with an error "error while validating the server". It also cant be added as the hosting server - error "Unable to set portal.company.com/arcgis2 as the hosting server. Unknown resource - could not find token service endpoint."

 

What I do notice:

While validating from the portaladmin interface, a POST request is issued - to https://portal.company.com/arcgis/portaladmin/federation/servers/validate 

 

While validating from the https://portal.company.com/arcgis/home/organization.html interface, a GET request is issued: https://portal.company.com/arcgis/portaladmin/federation/servers/validate?f=json&token=9Ole9SgfXAhRYssSZmH6-LiVGzXQjGpIo5GCze3fmeiAMOUu13p0IQLGmL9TvDe_IosdJeXygZ363cJf-h_CGOZgcFRpGSER5v5ZbRl7dPS_yqKKqnk3Zeslj1P0woFTgfeUKk4ODVDFELT11Y6hE2279n9FjuE6TVi1lM3t7MhmQ3OXPoPzstHQsQ5sHb32, that return the response:

"{"error":{"code":498,"message":"Invalid Token.","details":["Token would have expired, regenerate token and send the request again.","If the token is generated based on the referrer make sure the referrer information is available with every request in header."]}}"

 

I can access and manually generate tokens on these two urls:

https://portal.company.com/arcgis/sharing/rest/generateToken

https://portal.company.com/arcgis2/tokens/generateToken 

 

Any advice/comments would be much appreciated!

 

I don't understand how the referrer information can be different? Or what control I have on how portal use the token authentication. 

Outcomes