create

fun create(authorizeUrl: String, tokenUrl: String, logoutUrl: String, clientId: String, redirectUrl: String, scopes: Iterable<String>, hostsBehindProxy: Iterable<String>, authorizationPromptType: IapAuthorizationPromptType = IapAuthorizationPromptType.Unspecified, clientSecret: String = "", iapClientId: String = ""): IapConfiguration

Creates an Identity-Aware Proxy (IAP) configuration from the specified parameters.

Return

Returns an IapConfiguration.

Since

200.8.0

Parameters

authorizeUrl

The Identity-Aware Proxy (IAP) authorize endpoint that facilitates user authentication.

tokenUrl

The Identity-Aware Proxy (IAP) endpoint responsible for generating access, ID, and refresh tokens.

logoutUrl

The Identity-Aware Proxy (IAP) endpoint used to log the user out of the web session and invalidate any associated tokens.

clientId

A unique application-specific identifier associated with an application which is registered with the Identity-Aware Proxy (IAP) portal.

redirectUrl

The URL that the Identity-Aware Proxy (IAP) login and logout pages will redirect to when authentication completes. The scheme of this URL must be registered as a custom URL scheme in the application.

scopes

A list of permissions that define the access level for which the user should be authenticated.

hostsBehindProxy

The hosts of the ArcGIS resources that are to be accessed behind the Identity-Aware Proxy (IAP).

authorizationPromptType

The type of user interaction required for authentication and consent while signing in to the Identity-Aware Proxy (IAP). Default is IapAuthorizationPromptType.Unspecified.

clientSecret

A private key used to verify that the application is authorized to access secured services. Defaults to an empty string.

iapClientId

A unique identifier associated with an application which is registered with the Identity-Aware Proxy (IAP) portal. Notably, Microsoft Entra Application Proxy does not require an IAP client ID for authorization and token generation. Defaults to an empty string.

Throws

Required properties are missing or empty.


suspend fun create(path: String): Result<IapConfiguration>

Creates an Identity-Aware Proxy (IAP) configuration from a JSON file on disk. The format of the JSON file for Microsoft Entra Application Proxy should be as follows:

{
"authorize_url" : "https://login.microsoftonline.com/<tenant_id>/oauth2/v2.0/authorize",
"token_url" : "https://login.microsoftonline.com/<tenant_id>/oauth2/v2.0/token",
"logout_url" : "https://login.microsoftonline.com/<tenant_id>/oauth2/v2.0/logout",
"client_id" : "<client_id>",
"redirect_url" : "<redirect_url>",
"scope" : [
"<client_id>/.default",
"offline_access",
"openid",
"profile"
],
"hosts_behind_proxy" : ["*.domain.com"],
"authorization_prompt_type" : "<empty string, none, login, consent, or select_account>"
}

Return

Returns an IapConfiguration.

Since

200.8.0

Parameters

path

The path to the IAP configuration JSON file on disk.