- URL:
- https://<root>/security/config/update
- Methods:
POST- Required Capability:
- Access allowed with the "Security and infrastructure" privilege
- Version Introduced:
- 10.9
Description
The update operation updates the security configuration for your ArcGIS Enterprise on Kubernetes deployment.
Request parameters
| Parameter | Details |
|---|---|
| The JSON object representing the security configuration for ArcGIS Enterprise on Kubernetes. For information on included properties, see the Security configuration properties section below. |
| The response format. The default format is Values: |
Security configuration properties
| Parameter | Details |
|---|---|
| The role assigned to the federated server. |
| Connection information about the active user store. |
| Connection information about the active role store. |
| The key used to encrypt tokens. |
| A Boolean that indicates whether new organization accounts will automatically be created when enterprise users access your Enterprise portal for the first time ( Values: |
| A Boolean that indicates whether security is enabled for any GIS service. The default value is Values: |
| A Boolean that indicates whether access to the services directory will be disabled. The default value is Values: |
| This property restricts what hosts Enterprise portal can access directly. This restriction applies to several scenarios, including when the Enterprise portal accesses resources from a server that does not support Cross-Origin Resource Sharing (CORS) or when saving credentials used to access a secure service. By default, this property is not defined and no restrictions are applied. Use the format (.*).domain.com to allow access to all machines within a specified domain. Domains must be comma-separated. Example |
| Introduced at 10.9.1. A Boolean that controls the value of the Access-Control-Allow-Private-Network response header in a CORS preflight request to a portal service URL. This property was added to support the Private Network Access web specification (CORS-RFC1918) that aims to protect sites accessed over a private network from being able to make internal CORS requests. The default value is Values: |
Portal properties
| Parameter | Details |
|---|---|
| The organization URL. |
| The internal service URL for accessing the portal sharing container. |
| The key obtained after federating an ArcGIS Server to an organization. |
| Must be set as |
| The ID of the server that is federated with the organization. |
| The external URL of the server federated with the organization. |
| The key used for internal communication. This key is automatically generated during site creation and should not be modified. |
Forward proxy config
| Parameter | Details |
|---|---|
| The forward proxy host name for http requests. |
| The forward proxy host name for https requests. |
| The forward proxy port number for http requests. |
| The forward proxy port number for https requests. |
| The forward proxy user name for http requests when authentication is required. |
| The forward proxy user name for https requests when authentication is required. |
| The forward proxy password for http requests when authentication is required. |
| The forward proxy password for https requests when authentication is required. |
| A list of host names separated by |
| A Boolean that indicates whether the http proxy password is encrypted. When adding or updating the password, this property should be changed to Values: |
| A Boolean that indicates whether the https proxy password is encrypted. When adding or updating the password, this should be changed to Values: |
Example usage
The following is a sample POST request for the update operation:
POST /context/admin/security/config/update HTTP/1.1
Host: organization.domain.com
Content-Type: application/x-wwww-form-urlencoded
Content-Length: []
securityConfig={
"serverRole": "HOSTING_SERVER",
"userStoreConfig": {
"type": "BUILTIN",
"properties": {}
},
"groupStoreConfig": {
"type": "BUILTIN",
"properties": {}
},
"tokenServiceKey": "CXlyzoKXH71nE/ip/2lF1aLUbjFBAyaQ2xV8UtkNH8o=",
"enableAutomaticAccountCreation": false,
"securityEnabled": true,
"allowInternetCORSAccess": true,
"disableServicesDirectory": false,
"portalProperties": {
"webgisServerTrustKey": "cTKqfkFoXdl2tHJdIoCIoxtAfuN8bAo1BoQqcADMkFY=",
"portalSecretKey": "d9f410f2f71240aab64dea54e6f983fe",
"privatePortalUrl": "https://privateportal.domain.local:8443/arcgis/",
"portalUrl": "https://organization.domain.com/context/",
"serverUrl": "https://organization.domain.com/context/",
"includeOrgIdWIthUsername": false,
"portalMode": "ARCGIS_PORTAL_FEDERATION",
"serverId": "rXPmB6CgeHlyG9sC"
},
"forwardProxyConfig": {
"httpProxyHost": "proxy.example.com",
"httpsProxyHost": "proxy.example.com",
"httpProxyPort": 8888,
"httpsProxyPort": 8888,
"httpProxyUser": "username",
"httpProxyPassword": "password",
"httpsProxyUser": "username",
"httpsProxyPassword": "password",
"nonProxyHosts": "enterprise.example.com|server.example.com",
"isHttpProxyPasswordEncrypted": false,
"isHttpsProxyPasswordEncrypted": false
}
}&f=pjson&token=m7zGSezM7znt6ZuIwr827imJxOTSDsjYujVdd7SiAQLYG1HmesG8EbSnTwCbiekEh0QwRdmeyp1hP63M60TPrdZQ2NzIg5G7qFaQh40MdiOCfh60-6oPKC2MNoqwdVDZ3srzreVZb66QofWXws8GMrKWkgP45A-2an5crKvReUo-pwvkzm68W87Q0yPJFA2Kww39UnMYNw-5qd2-Bt04VmkrqKI-lCbA-jFZY_UGzeGzNqnBGrjKuVB_q17HogMwJSON Response example
{"status": "success"}