- URL:https://<security-url>/config
- Operations:Update Security Configuration, Update Identity Store, Test Identity Store
- Required Capability:Default administrator role | Security and infrastructure privilege | Add privilege
- Related Resources:Update Identity Store
- Version Introduced:10.2.1
Description
The security configuration consists of the identity store configuration.
If your portal will be authenticated through ArcGIS Web Adaptor, you must set up your preferred authentication on your web server. Use the Update Identity Store operation to configure your portal to connect to your enterprise identity provider such as Windows Domain or LDAP. By default, Portal for ArcGIS is configured to use the built-in store and token-based authentication.
The enableRemoteUserTokenValidation property enhances security by preventing a user from using a token generated by another user. This feature is only available when Web Tier Authentication is used.
For example, if user "Amy" obtains a token that was generated by "Bob", Amy can impersonate Bob by sending the token that was generated for Bob. However, when the enableRemoteUserTokenValidation property is enabled, portal verifies that the token currently being used was issued for the same user account that was authenticated by the Web Server. This property is enabled by default in portal as of version 10.5.1.
Request parameters
| Parameter | Details |
|---|---|
| f | The response format. The default response format is html. Values: html | json | pjson |
Example usage
Below is a sample request URL for the config resource:
https://machine.domain.com/webadaptor/portaladmin/security/config?f=jsonJSON Response syntax
{
"enableAutomaticAccountCreation": <true|false>,
"disableServicesDirectory": <true|false>,
"userStoreConfig": IdentityStore,
"enableRemoteUserTokenValidation": <true|false>
}JSON Response example
{
"disableServicesDirectory": false,
"enableAutomaticAccountCreation": true,
"enableRemoteUserTokenValidation": true
}