AnsweredAssumed Answered

OAuth2 & the Authorization Page - How to NOT use it or customize it?

Question asked by dbecker88 on Aug 20, 2019

We're using a federated server/portal and the JS API. In this web app, I don't want to use our Portal's default authorization page, mainly because the site has nothing to do with GIS and the customer doesn't want to see the ESRI logo, or anything about ArcGIS Enterprise, ect..

 

I just want a simple dijit/Dialog that displays a username/password, that's it!

 

Is there a way I can make an ajax call to a server side .php script that would call the Portal OAuth2 rest endpoint to give me the access token? I could then register that access_token with identityManager.registerToken()

 

The below snip is working great, but obiv. displays the default authorization page to handle the user login.

An app login just won't work, we need each user to authenticate with the Portal.

 

var info = new OAuthInfo({
    appId: "abc1234zyz",
    portalUrl: "https://our.gisportal.com/portal",
    popup: false

});

esriId.registerOAuthInfos([info]);

 
esriId.checkSignInStatus(info.portalUrl + "/sharing").then(
function (){          
    displayItems(); //secured app content
}).otherwise(function (){

    // user will be redirected to OAuth Sign In page
    esriId.getCredential(info.portalUrl + "/sharing");

});

Outcomes