RetroSearch Browse

Home - News ( United States | United Kingdom | Italy | Germany ) - Football scores

Showing content from https://developers.arcgis.com/documentation/portal-and-data-services/portal-service/security/ below:

Portal security | Documentation | Esri Developer

The portal security model in ArcGIS protects data, services, and applications. It includes security controls to prevent unauthorized access. It ensures the confidentiality, integrity, and availability of geospatial data and applications.

Portal service

The portal service helps authenticate, organize, and share geospatial information in ArcGIS. The service provides security for everything in a portal. It enables you to securely access your organization's resources for the creation of maps, applications, and spatial datasets.

The key security features the portal service supports are:

Aspect

Description Users (identity) All members of an organization have an identity that is defined by their ArcGIS account. The tasks a user can perform are determined by their user type, role, and privileges assigned to their account. A portal service ensures users only perform tasks supported by their identity. Learn more here. Sharing There are four different sharing levels for accessing content. This includes owner (private), organization, group, and everyone (public). Learn more here. Authentication The portal service supports all types of authentication with the use of access tokens. The portal service allows you to use authentication to get access tokens that can then be used to access secure resources in ArcGIS. Learn more here. Developer credentials You can create and manage developer credentials for your applications using the portal service. Developer credentials register your application with a portal and define the security properties. Learn more here.

Additionally, you use the portal service to securely:

Access content items like web maps, web scenes, and feature layers.
Share content to specific users or group of users.
Manage users and groups.

Access content items

To access an item in the portal using the portal service, you can create access tokens. These tokens can be in the form of API keys or OAuth 2.0 tokens, each defining the scope and permissions available to the application based on the authentication method used to obtain them.

You can get an access token by:

Sharing in ArcGIS is the process of making geographic content available in both ArcGIS Online and ArcGIS Enterprise. The share setting enables you to determine the accessibility level of an item, thereby securing both the item and its underlying data.

You use the portal service to share an item to:

Change an item's discoverability
Configure an item's privacy settings
Grant access to specific user groups or organizations
Require access tokens for data services.

Topic

To learn more about sharing items in a portal, go to Item sharing.

Sharing levels

The sharing levels in a portal provide users with flexibility in controlling the accessibility of their content, allowing them to configure access based on the audience and the sensitivity of the information. By selecting the appropriate sharing level for each item, users can collaborate and properly secure their content within a portal.

The following is a list of the sharing levels available for the different types of ArcGIS products:

Owner (private): Only the owner has access. The hosted layer (item) and data service are private and will not be visible or accessible to others. A valid access token or scoped API key is required. Learn more about scoping items to an API key in API keys.

Owner (private): Only the owner has access. The hosted layer (item) and data service are private and will not be visible to others who have access to the portal. A valid access token is required.
Organization: All members of your organization can access the hosted layer (item) and data service. A valid access token is required.
Group: All members of a group can access the hosted layer (item) and data service. A valid access token is required.
Everyone (public): Anyone can view the hosted layer (item) and access the data service.

Owner (private): Only the owner has access. The hosted layer (item) and data service are private and will not be visible to others who have access to the portal. A valid access token is required.
Organization: All members of your organization can access the hosted layer (item) and data service. A valid access token is required.
Group: All members of a group can access the hosted layer (item) and data service. A valid access token is required.
Everyone (public): Anyone can view the hosted layer (item) and access the data service.

Topic

To learn more about sharing levels, go to Item sharing.

Manage users and groups

Using the portal service, you can access and control user identities and group settings in your organization. You can configure privileges for users accessing the organization and define access levels based on whether users are part of the ArcGIS organization.

Through the portal service, you can create groups to organize content, control access to resources, and help collaboration among members. Group owners have the authority to:

Invite members.
Manage content and membership requests.
Edit group properties.
Change sharing settings like update roles, remove members, transfer ownership, and delete groups.

Topic

To learn more about managing users and groups, go to introduction to users and groups.

Types of authentication

Portal service provides secure access to your content in your portal. It does this by supporting different types of authentication. Authentication in ArcGIS ensures only authorized users have access to the ArcGIS resources and services.

You authenticate to:

Ensure authorized users can access protected information, location services, and private data.
Manage users and groups to provide access to resources based on user roles and permissions.
Enable integration of apps with ArcGIS which allows users to sign in to access resources.

You can use the following authentication options to access items in your portal. Learn more about the differences between the authentication types in Authentication comparison.

Type

Description

Best use API key authentication Involves using a long-lived API key to access ArcGIS resources, granting public-facing apps access to specific services, including private content and client referrers. * Create personal automation scripts that access the portal service.
* Quickly and easily generate access tokens for your apps.
* Create long-lived access tokens that remain valid for up to one year. User authentication Allows users with an ArcGIS account to sign in to an application and access content, services, and resources based on their account type, roles, and privileges. * Create private apps that require users to sign in with an ArcGIS account.
* Create apps that let members of your organization perform portal management operations.
* Access and manage secure items stored in a user's portal. App authentication Grants short-lived access tokens based on application credentials, authorizing apps to access specific resources within ArcGIS Online. * Create automation scripts that access the portal service.
* Create public apps that do not require users to sign in.
* Build apps that access location services and private items such as hosted layers or data services. Security and authentication guide Developer credentials

To support authentication workflow and manage your custom applications, you create developer credentials. Developer credentials is an item type created in your portal that contain parameters used in authentication. They are required to implement every type of authentication. When you register your application in ArcGIS, you are provided with these authorization credentials that allow your app to access ArcGIS services and resources. The client ID and client secret are used to securely authenticate your application and obtain an access token.

There are two types of developer credentials: API key credentials and Oauth credentials. The table below lists these credentials and the types of authentication workflow they support.

Type of developer credentials Type of authentication API key credentials API key authentication OAuth credentials User authentication
App authentication Security and authentication guide

To learn more about developer credentials, go to API key credentials, User credentials, and App credentials.

Authentication with privileges

Privileges are used to access to secure resources and capabilities in a portal. Privileges are typically granted by creating and assigning roles to accounts which allow you to:

Manage content such as create, update, and delete content.
Manage groups such as create, update, delete groups.
Share content with groups, organization, or publicly.
Edit features in hosted feature layers.
Manage users, configure organization settings (for administrators only).

Privileges are associated with an access token which define the operations an application is permitted to perform in your portal. How privileges are managed depend on the type of authentication being used:

Access tokens from API key authentication and app authentication have privileges managed by the developer credentials.
Access tokens from User authentication have privileges based on the a user's ArcGIS account.

Security and authentication guide

To learn more about managing privileges, go to Privileges.

REST authentication operations

The following REST operations from ArcGIS REST APIs are used to authorize and manage access tokens to access secure ArcGIS resources.

Operation

Description Authorize User authentication starts with the authorization step at the oauth2/authorize/ endpoint. Apps are required to direct users to the authorize REST endpoint. Token The oauth2/token/ endpoint grants an access token when queried with a valid authorization code, client secret, or refresh token. Generate token The generateToken operation create an access token in exchange for user credentials. The access token represents an authenticated user for limited time to all other API functionality. Security and authentication guide

To learn more about these security REST endpoints, go to Security and authentication > REST authentication operations.

ArcGIS accounts

An ArcGIS account is required to implement authentication. Below is a summary of the products, accounts, and subscriptions you can use:

Product Account Subscription Plan ArcGIS Location Platform ArcGIS Location Platform account ArcGIS Developer subscription Essentials plan (default)
See all plans ArcGIS Online ArcGIS Online account (User type: Creator or higher) ArcGIS Online subscription See all plans ArcGIS Enterprise ArcGIS Enterprise account See all plans ArcGIS Enterprise

Some organizations require stricter security measures or do not permit the use of distributed online environments like ArcGIS Online. For these cases, the on-premise ArcGIS Enterprise provides a robust solution by operating within corporate firewall environments. This setup ensures that all your data and services remain under the direct control of your organization adhering to strict security policies and compliance requirements.

Portal for ArcGIS is a component of ArcGIS Enterprise, allowing organizations to deploy GIS capabilities on their own infrastructure. This deployment supports secure access to maps, apps, and data, while also enabling collaboration within the organization. It integrates seamlessly with existing IT environments, leveraging enterprise authentication systems, security protocols, and data management practices.

For more information about how ArcGIS Enterprise and Portal for ArcGIS can meet your organization's security needs, visit the ArcGIS Enterprise product page.

Services

RetroSearch is an open source project built by @garambo | Open a GitHub Issue

Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo

HTML: 3.2 | Encoding: UTF-8 | Version: 0.7.4