relationships for Organization -- group -- users -- services

CharlesCao · ‎01-11-2013

May I use the relationship of group -- users -- services for different access authrities for different services? for example:

Organization: Org
Groups: G1; G2
Users: User1 (belong to G1); User2(belong to G2)
services: FS1; FS2; MS3

FS1 will be shared to G1-User1 only; but FS2 and MS3 will be shared to G2-User2

Can we set up groups and users like above ? and how?

Thanks.

MikeMinami · ‎01-11-2013

Yes.

You can create groups and invite specific users into those groups. If your services are not hosted services and reside on your own ArcGIS Server, you will add an item "on the web" that points to the URL of a particular service. When you add the service as an item, if that service is secured (by ArcGIS Server), you can choose to embed the username and password as part of the item. This allows you to effectively override ArcGIS Server security and leverage ArcGIS Online security to control access to the service. Once your item is added, you'd add the item to specific groups.

Thanks,

Mike

CharlesCao · ‎01-11-2013

Thanks Mike,

I have no ArcGIS Server, all service are hosted into ArcGIS.online, but they are shared to different clients (groups).
Need I set up a specific user for each group, and add related services for different groups? For a subscription of ArcGIS.com, only 5 users are included, but we have lots of customers and services usually.

Yes.

You can create groups and invite specific users into those groups. If your services are not hosted services and reside on your own ArcGIS Server, you will add an item "on the web" that points to the URL of a particular service. When you add the service as an item, if that service is secured (by ArcGIS Server), you can choose to embed the username and password as part of the item. This allows you to effectively override ArcGIS Server security and leverage ArcGIS Online security to control access to the service. Once your item is added, you'd add the item to specific groups.

Thanks,

Mike

MikeMinami · ‎01-14-2013

Each person in your organization that is accessing content private to the organization should be one of the named users of your organization. You can purchase additional users as necessary. You share items with users through groups. So, if user A, B and C need access to a service, you would add those users to Group1 and share the service to that group. Do this for as many groups as you need. Users can be members of multiple groups.

Thanks,

Mike

CharlesCao · ‎01-15-2013

Thanks Mike.

we use AGOL for publishing and saving services, and at meanwhile we are developing a web application. which access AGOL for these services. we have lots of spatial saved in AGOL, and there could be many users from different clients using the Web Portal, need we set up different users and groups for them in AGOL so as to they could access different spatial data? or we use orgnization - users - authority - service management in our local WebPortal.

Thanks again.

Each person in your organization that is accessing content private to the organization should be one of the named users of your organization. You can purchase additional users as necessary. You share items with users through groups. So, if user A, B and C need access to a service, you would add those users to Group1 and share the service to that group. Do this for as many groups as you need. Users can be members of multiple groups.

Thanks,

Mike

MikeMinami · ‎01-16-2013

Maybe I'm not understanding your question because my answer is kind of the same.

What do you mean by web portal?

In general:

If you plan to share your services publicly, you do not need individual users or groups. You can share your services and web maps that reference services with everyone. Then you might build web applications that access these services/web maps. Because they are publicly shared, there is no security.

If you want to restrict access to your services, then you need to allocate one user in your organization for each person that needs to access the services. You control access to services and other items, by adding the services to groups and inviting particular users to join the group. Anyone in the group will be able to access those services.

You also mention clients. I am not sure in what way you are using this word... If you are building an application for another company, then that company must purchase a subscription as well and allocate users in their subscription. In this case, that company's subscription would host the services.

Hope this helps,

Mike