Skip To Content

Security Configuration

Description

The security configuration consists of the identity store configuration.

If your portal will be authenticated through ArcGIS Web Adaptor, you must set up your preferred authentication on your web server. Use the Update Identity Store operation to configure your portal to connect to your enterprise identity provider such as Windows Domain or LDAP. By default, Portal for ArcGIS is configured to use the built-in store and token-based authentication.

The enableRemoteUserTokenValidation property enhances security by preventing a user from using a token generated by another user. This feature is only available when Web Tier Authentication is used.

For example, if user "Amy" obtains a token that was generated by "Bob", Amy can impersonate Bob by sending the token that was generated for Bob. However, when the enableRemoteUserTokenValidation property is enabled, portal verifies that the token currently being used was issued for the same user account that was authenticated by the Web Server. This property is enabled by default in portal as of version 10.5.1.

Request parameters

ParameterDetails
f

The response format. The default response format is html.

Values: html | json | pjson

Example usage

Below is a sample request URL for the config resource:

https://machine.domain.com/webadaptor/portaladmin/security/config?f=json

JSON Response syntax


{
   "enableAutomaticAccountCreation": <true|false>,
   "disableServicesDirectory": <true|false>,
   "userStoreConfig": IdentityStore,
   "enableRemoteUserTokenValidation": <true|false>
}

JSON Response example


{
   "disableServicesDirectory": false,
   "enableAutomaticAccountCreation": true, 
   "enableRemoteUserTokenValidation": true
}