- URL:
- https://<root>/security/config
- Methods:
GET
- Required Capability:
- Access allowed with the "Security and infrastructure" privilege
- Version Introduced:
- 10.9
Description
The config
resource returns the currently active security configuration for your ArcGIS Enterprise on Kubernetes deployment.
Request parameters
Parameter | Details |
---|---|
| The response format. The default format is Values: |
Security configuration properties
Parameter | Details |
---|---|
| The role assigned to the federated server. |
| Connection information about the currently active user store. |
| Connection information about the currently active role store. |
| The key used to encrypt tokens. |
| A Boolean that indicates whether new organization accounts will automatically be created when enterprise users access your Enterprise portal for the first time ( Values: |
| A Boolean that indicates whether security is enabled for any GIS service. The default value is Values: |
| A Boolean that indicates whether access to the services directory will be disabled. The default value is Values: |
| This property restricts what hosts Enterprise portal can access directly. This restriction applies to several scenarios, including when the Enterprise portal accesses resources from a server that does not support Cross-Origin Resource Sharing (CORS) or when saving credentials used to access a secure service. By default, this property is not defined and no restrictions are applied. Use the format (.*).domain.com to allow access to all machines within a specified domain. Domains must be comma-separated. Example
|
| Introduced at 10.9.1. A Boolean that controls the value of the Access-Control-Allow-Private-Network response header in a CORS preflight request to a portal service URL. This property was added to support the Private Network Access web specification (CORS-RFC1918) that aims to protect sites accessed over a private network from being able to make internal CORS requests. The default value is Values: |
Portal properties
Parameter | Details |
---|---|
| A key automatically generated during site creation. This property should not be modified. |
| The key obtained after federating an ArcGIS Server to an organization. |
| The internal service URL used to access the Portal sharing container. |
| The organization URL. |
| The external URL of the server federated with the organization. |
| Must be set as |
| The ID of the server that is federated with the organization. |
Forward proxy config
Parameter | Details |
---|---|
| The forward proxy host name for http requests. |
| The forward proxy host name for https requests. |
| The forward proxy port number for http requests. |
| The forward proxy port number for https requests. |
| The forward proxy user name for http requests when authentication is required. |
| The forward proxy user name for https requests when authentication is required. |
| The forward proxy password for http requests when authentication is required. |
| The forward proxy password for https requests when authentication is required. |
| A list of host names separated by |
| A Boolean that indicates whether the http proxy password is encrypted. When adding or updating the password, this property should be changed to Values: |
| A Boolean that indicates whether the https proxy password is encrypted. When adding or updating the password, this should be changed to Values: |
Example usage
The following is a sample request URL used to access the config
resource:
https://organization.domain.com/context/admin/security/config?f=pjson
JSON Response example
{
"serverRole": "HOSTING_SERVER",
"userStoreConfig": {
"type": "PORTAL",
"properties": {}
},
"roleStoreConfig": {
"type": "PORTAL",
"properties": {}
},
"tokenServiceKey": "AIT8Nvh7J7AHWAld1RZe9/n393gLeAeq4HvTkaN5SoM=",
"enableAutomaticAccountCreation": false,
"allowInternetCORSAccess": true,
"securityEnabled": true,
"disableServicesDirectory": false,
"portalProperties": {
"webgisServerTrustKey": "PluSR7m7CyWo3JfOZrL2qkRAy4tvO+VNzEgKfK5gWS4=",
"portalSecretKey": "73ccba361df243ddbfd8b697e148dc4a",
"privatePortalUrl": "https://privateportal.domain.local:8443/arcgis/",
"portalUrl": "https://reverseproxy.domain.com/arcgis/",
"serverUrl": "https://reverseproxy.domain.com/gis/",
"includeOrgIdWIthUsername": false,
"portalMode": "ARCGIS_PORTAL_FEDERATION",
"serverId": "T4QEbIXt66r0p5bW"
},
"forwardProxyConfig": {
"httpProxyHost": "proxy.example.com",
"httpsProxyHost": "proxy.example.com",
"httpProxyPort": 8888,
"httpsProxyPort": 8888,
"httpProxyUser": "username",
"httpProxyPassword": "password",
"httpsProxyUser": "username",
"httpsProxyPassword": "password",
"nonProxyHosts": "enterprise.example.com|server.example.com",
"isHttpProxyPasswordEncrypted": false,
"isHttpsProxyPasswordEncrypted": false
}
}