We are running a Federated 10.7.1 environment. We're using Windows Active Directory as our Identity Store. One of our clients will need access to edit a feature service. The feature service is referencing data stored in a SQL Server SDE. Right now, the only way I'm seeing to allow this is to create an external AD account, import that account in Portal and give it a Creator user type. Is there any way to give an external person access to edit a feature service without A) Creating an external AD account and B) Using up one of our Portal user licenses?
Also, it would be ideal if that person couldn't actually login to our Portal if they came across it. Are there any other options or workflows for configuring limited external access to a service in a federated environment?