create
Creates an Identity-Aware Proxy (IAP) configuration from the specified parameters.
Return
Returns an IapConfiguration.
Since
200.8.0
Parameters
The Identity-Aware Proxy (IAP) authorize endpoint that facilitates user authentication.
The Identity-Aware Proxy (IAP) endpoint responsible for generating access, ID, and refresh tokens.
The Identity-Aware Proxy (IAP) endpoint used to log the user out of the web session and invalidate any associated tokens.
A unique application-specific identifier associated with an application which is registered with the Identity-Aware Proxy (IAP) portal.
The URL that the Identity-Aware Proxy (IAP) login and logout pages will redirect to when authentication completes. The scheme of this URL must be registered as a custom URL scheme in the application.
A list of permissions that define the access level for which the user should be authenticated.
The hosts of the ArcGIS resources that are to be accessed behind the Identity-Aware Proxy (IAP).
The type of user interaction required for authentication and consent while signing in to the Identity-Aware Proxy (IAP). Default is IapAuthorizationPromptType.Unspecified.
A private key used to verify that the application is authorized to access secured services. Defaults to an empty string.
A unique identifier associated with an application which is registered with the Identity-Aware Proxy (IAP) portal. Notably, Microsoft Entra Application Proxy does not require an IAP client ID for authorization and token generation. Defaults to an empty string.
Throws
Required properties are missing or empty.
Creates an Identity-Aware Proxy (IAP) configuration from a JSON file on disk. The format of the JSON file for Microsoft Entra Application Proxy should be as follows:
{
"authorize_url" : "https://login.microsoftonline.com/<tenant_id>/oauth2/v2.0/authorize",
"token_url" : "https://login.microsoftonline.com/<tenant_id>/oauth2/v2.0/token",
"logout_url" : "https://login.microsoftonline.com/<tenant_id>/oauth2/v2.0/logout",
"client_id" : "<client_id>",
"redirect_url" : "<redirect_url>",
"scope" : [
"<client_id>/.default",
"offline_access",
"openid",
"profile"
],
"hosts_behind_proxy" : ["*.domain.com"],
"authorization_prompt_type" : "<empty string, none, login, consent, or select_account>"
}
Return
Returns an IapConfiguration.
Since
200.8.0
Parameters
The path to the IAP configuration JSON file on disk.