Skip To Content
ArcGIS Developers
Dashboard

Managing access to the Server Administration REST API

ArcGIS Enterprise provides multiple ways for organizations to manage how their members access and interact with its content. One such way is by assigning members specific privileges through custom roles that include administrative privileges, such as the ability to manage an organization's security configuration. These custom roles allow organizations to delegate administrative tasks without having to assign the default administrator role to multiple members.

In continuation of this restrictive access model, ArcGIS Enterprise 10.8 limits access to the Portal Administration API based on the administrative privileges assigned to organization members through their custom role. To learn more about the changes to the Portal Administration API, see Managing access to the Portal Administration API.

The security privilege model has carried over to the ArcGIS Server Administration REST API. Starting at 10.8.1, only members assigned specific administrative privileges will be able to access the REST API. Further access to other resources and operations is restricted based on the endpoints that are associated with, or required by, their role's privileges.

Note:

Members assigned the default administrator role will continue to have access to the full Server Administration API.

Privilege based access

Members will only be able to access certain endpoints in the Server Administration API based on the privileges assigned to their role. Resources and operations that are not accessible to members that will be inaccessible through the UI or return errors if they are accessed through URL paths.

The table below shows which administrative privileges are authorized to access the Server Admin REST API:

Administrative Privilege CategoryPrivilege Name

Content

Update | Delete

Portal Settings

Security and Infrastructure | Servers

The Update and Delete privileges allow members to update, categorize, and delete content. Users assigned the Servers privilege can manage their organizations servers, such as federating/unfederating servers and assigning server roles. Those assigned the Security and Infrastructure privilege have the ability to add trusted servers, changing the server's SSL settings, and overall manage the security of their organization.

To learn more about these privileges, and what access they provide within an organization, see User types, roles, and privileges.

Endpoint access

The following section outlines the requirements to access each endpoint in the Server Administration API.

Note:

Users assigned the default administrator role will have access to every endpoint in the Server Administration API. Endpoints that are accessible only to those assigned the default administrator rile will be specified below.

Server Admin root

Endpoint PathPrivileges
/root

Update | Delete | Security and Infrastructure | Servers

<root-url>/createNewSite

Default administrator role only

<root-url>/exportSite

Default administrator role only

<root-url>/importSite

Default administrator role only

<root-url>/deleteSite

Default administrator role only

<root-url>/joinSite

Default administrator role only

<root-url>/upgrade

Default administrator role only

<root-url>/generateToken

Update | Delete | Security and Infrastructure | Servers

<root-url>/publicKey

Update | Delete | Security and Infrastructure | Servers

Machines

Endpoint PathPrivileges
<root-url>/machines

Update | Delete | Security and Infrastructure | Servers

<machines-url>/register

Security and Infrastructure

<machines-url>/rename

Security and Infrastructure

<machines-url>/<machine name>

Update | Delete | Security and Infrastructure | Servers

<machine-url>/edit

Security and Infrastructure

<machine-url>/start

Security and Infrastructure

<machine-url>/stop

Security and Infrastructure

<machine-url>/unregister

Security and Infrastructure

<machine-url>/synchronizeWithSite

Security and Infrastructure

<machine-url>/hardware

Update | Delete | Security and Infrastructure | Servers

<machine-url>/sslcertificates

Update | Delete | Security and Infrastructure | Servers

<sslcertificates-url>/generate

Security and Infrastructure

<sslcertificates-url>/importRootOrIntermediate

Security and Infrastructure

<sslcertificates-url>/importExistingServerCertificate

Security and Infrastructure

<sslcertificate-url>/<certificate>

Update | Delete | Security and Infrastructure | Servers

<certificate-url>/generateCSR

Security and Infrastructure

<certificate-url>/export

Security and Infrastructure

<certificate-url>/delete

Security and Infrastructure

<certificate-url>/importSignedCertificate

Security and Infrastructure

Services

Note:

Both the System and Utilities folders, and most of their operations, are only accessible to users assigned the default administrator role. The edit service operations in both the System and Utilities folder is accessible only to users with the Security and Infrastructure and Servers privileges.

Endpoint PathPrivileges
<root-url>/services

Update | Delete | Security and Infrastructure | Servers

<folder-url>/editFolder

Security and Infrastructure

<services-url>/createService

Update | Delete | Security and Infrastructure | Servers

<folder-url>/renameService

Update | Delete | Security and Infrastructure | Servers

<services-url>/canCreateService

Update | Delete | Security and Infrastructure | Servers

<services-url>/createFolder

Update | Delete | Security and Infrastructure | Servers

<services-url>/exists

Update | Delete | Security and Infrastructure | Servers

<services-url>/startServices

Update | Delete | Security and Infrastructure | Servers

<services-url>/stopServices

Update | Delete | Security and Infrastructure | Servers

<services-url>/deleteServices

Update | Delete | Security and Infrastructure | Servers

<services-url>/exportServices

Update | Delete | Security and Infrastructure | Servers

<services-url>/importServices

Update | Delete | Security and Infrastructure | Servers

<services-url>/federate

Update | Delete | Security and Infrastructure | Servers

<services-url>/unfederate

Update | Delete | Security and Infrastructure | Servers

<services-url>/types

Update | Delete | Security and Infrastructure | Servers

<types-url>/extensions

Update | Delete | Security and Infrastructure | Servers

<extensions-url>/register

Update | Delete | Security and Infrastructure | Servers

<extensions-url>/update

Update | Delete | Security and Infrastructure | Servers

<extensions-url>/unregister

Update | Delete | Security and Infrastructure | Servers

<service-url>/permissions

Update | Delete | Security and Infrastructure | Servers

<permissions-url>/add

Update | Delete | Security and Infrastructure | Servers

<permissions-url>/hasChildPermissionsConflict

Update | Delete | Security and Infrastructure | Servers

<permissions-url>/clean

Update | Delete | Security and Infrastructure | Servers

<folder-url>/report

Update | Delete | Security and Infrastructure | Servers

<services-url>/properties

Update | Delete | Security and Infrastructure | Servers

<properties-url>/update

Default administrator role only

<folder-url>/<serviceName.serviceType>

Update | Delete | Security and Infrastructure | Servers

<service-url>/start

Update | Delete | Security and Infrastructure | Servers

<service-url>/stop

Update | Delete | Security and Infrastructure | Servers

<service-url>/edit

Update | Delete | Security and Infrastructure | Servers

<service-url>/changeProvider

Update | Delete | Security and Infrastructure | Servers

<service-url>/deleteService

Update | Delete | Security and Infrastructure | Servers

<service-url>/statistics

Update | Delete | Security and Infrastructure | Servers

<service-url>/iteminfo

Update | Delete | Security and Infrastructure | Servers

<services-url>/licecycleinfos

Update | Delete | Security and Infrastructure | Servers

<service-url>/jobs

Update | Delete | Security and Infrastructure | Servers

<jobs-url>/<jobID>

Update | Delete | Security and Infrastructure | Servers

<jobs-url>/query

Update | Delete | Security and Infrastructure | Servers

<jobs-url>/purgeQueue

Default administrator role only

<job-url>/statistics

Update | Delete | Security and Infrastructure | Servers

<job-url>/delete

Default administrator role only

<job-url>/cancel

Default administrator role only

<iteminfo-url>/edit

Update | Delete | Security and Infrastructure | Servers

<iteminfo-url>/upload

Update | Delete | Security and Infrastructure | Servers

<iteminfo-url>/delete

Update | Delete | Security and Infrastructure | Servers

<services-url>/<folder>

Update | Delete | Security and Infrastructure | Servers

<folder-url>/deleteFolder

Update | Delete | Security and Infrastructure | Servers

Security

Endpoint PathPrivileges
<root-url>/security

Update | Delete | Security and Infrastructure | Servers

<security-url>/users

Update | Delete | Security and Infrastructure | Servers

<users-url>/getUsers

Update | Delete | Security and Infrastructure | Servers

<users-url>/search

Update | Delete | Security and Infrastructure | Servers

<users-url>/add

Update | Delete | Security and Infrastructure | Servers

<users-url>/remove

Update | Delete | Security and Infrastructure | Servers

<users-url>/update

Update | Delete | Security and Infrastructure | Servers

<users-url>/assignRoles

Update | Delete | Security and Infrastructure | Servers

<users-url>/removeRoles

Update | Delete | Security and Infrastructure | Servers

<users-url>/getPrivilege

Update | Delete | Security and Infrastructure | Servers

<security-url>/roles

Update | Delete | Security and Infrastructure | Servers

<roles-url>/getRoles

Update | Delete | Security and Infrastructure | Servers

<roles-url>/search

Update | Delete | Security and Infrastructure | Servers

<roles-url>/add

Update | Delete | Security and Infrastructure | Servers

<roles-url>/remove

Update | Delete | Security and Infrastructure | Servers

<roles-url>/update

Update | Delete | Security and Infrastructure | Servers

<roles-url>/getRolesForUser

Update | Delete | Security and Infrastructure | Servers

<roles-url>/getUsersWithinRole

Update | Delete | Security and Infrastructure | Servers

<roles-url>/addUsersToRole

Update | Delete | Security and Infrastructure | Servers

<roles-url>/removeUsersFromRole

Update | Delete | Security and Infrastructure | Servers

<roles-url>/assignPrivilege

Update | Delete | Security and Infrastructure | Servers

<roles-url>/getPrivilege

Update | Delete | Security and Infrastructure | Servers

<roles-url>/getRolesByPrivilege

Update | Delete | Security and Infrastructure | Servers

<security-url>/tokens

Update | Delete | Security and Infrastructure | Servers

<tokens-url>/update

Security and Infrastructure

<security-url>/config

Update | Delete | Security and Infrastructure | Servers

<config-url>/update

Security and Infrastructure | Servers

<config-url>/updateIdentityStore

Security and Infrastructure | Servers

<config-url>/testIdentityStore

Security and Infrastructure | Servers

<config-url>/changeServerRole

Security and Infrastructure | Servers

<security-url>/psa

Update | Delete | Security and Infrastructure | Servers

<psa-url>/update

Default administrator role only

<psa-url>/enable

Default administrator role only

<psa-url>/disable

Default administrator role only

System

Endpoint PathPrivileges
<root-url>/system

Update | Delete | Security and Infrastructure | Servers

<system-url>/properties

Update | Delete | Security and Infrastructure | Servers

<properties-url>/update

Security and Infrastructure

<system-url>/directories

Update | Delete | Security and Infrastructure | Servers

<directories-url>/register

Default administrator role only

<directories-url>/registerDirs

Default administrator role only

<directories-url>/recover

Default administrator role only

<directories-url>/<directory>

Update | Delete | Security and Infrastructure | Servers

<directory-url>/unregister

Default administrator role only

<directory-url>/clean

Default administrator role only

<directory-url>/edit

Default administrator role only

<system-url>/configstore

Update | Delete | Security and Infrastructure | Servers

<configstore-url>/edit

Default administrator role only

<configstore-url>/recover

Default administrator role only

<system-url>/webadaptors

Update | Delete | Security and Infrastructure | Servers

<webadaptors-url>/config

Update | Delete | Security and Infrastructure | Servers

<config-url>/update

Security and Infrastructure

<webadaptors-url>/<webadaptor>

Update | Delete | Security and Infrastructure | Servers

<webadaptor-url>/unregister

Security and Infrastructure

<system-url>/handlers

Update | Delete | Security and Infrastructure | Servers

<handlers-url>/rest

Update | Delete | Security and Infrastructure | Servers

<rest-url>/cache

Security and Infrastructure

<cache-url>/clear

Security and Infrastructure

<rest-url>/servicesDirectory

Update | Delete | Security and Infrastructure | Servers

<servicesDirectory-url>/edit

Security and Infrastructure

<system-url>/jobs

Update | Delete | Security and Infrastructure | Servers

<jobs-url>/<jobID>

Update | Delete | Security and Infrastructure | Servers

<system-url>/licenses

Update | Delete | Security and Infrastructure | Servers

<system-url>/deployment

Update | Delete | Security and Infrastructure | Servers

<system-url>/platformServices

Update | Delete | Security and Infrastructure | Servers

<platformServices-url>/<computePlatform>

Update | Delete | Security and Infrastructure | Servers

<computePlatform-url>/start

Update | Delete | Security and Infrastructure | Servers

<computePlatform-url>/stop

Update | Delete | Security and Infrastructure | Servers

<computePlatform-url>/status

Update | Delete | Security and Infrastructure | Servers

<computePlatform-url>/health

Update | Delete | Security and Infrastructure | Servers

<platformServices-url>/<syncService>

Update | Delete | Security and Infrastructure | Servers

<syncService-url>/start

Update | Delete | Security and Infrastructure | Servers

<syncService-url>/stop

Update | Delete | Security and Infrastructure | Servers

<syncService-url>/health

Update | Delete | Security and Infrastructure | Servers

<syncService-url>/status

Update | Delete | Security and Infrastructure | Servers

<syncService-url>/reset

Update | Delete | Security and Infrastructure | Servers

Data

Endpoint PathPrivileges
<root-url>/data

Update | Delete | Security and Infrastructure | Servers

<data-url>/registerItem

Update | Delete | Security and Infrastructure | Servers

<data-url>/unregisterItem

Update | Delete | Security and Infrastructure | Servers

<data-url>/validateDataItem

Update | Delete | Security and Infrastructure | Servers

<data-url>/validateAllDataItems

Update | Delete | Security and Infrastructure | Servers

<data-url>/findItems

Update | Delete | Security and Infrastructure | Servers

<data-url>/federateDataItem

Update | Delete | Security and Infrastructure | Servers

<data-url>/items

Update | Delete | Security and Infrastructure | Servers

<items-url>/edit

Update | Delete | Security and Infrastructure | Servers

<datastoreMachine-url>/makePrimary

Update | Delete | Security and Infrastructure | Servers

<datastoreMachine-url>/validate

Update | Delete | Security and Infrastructure | Servers

<datastoreMachine-url>/remove

Update | Delete | Security and Infrastructure | Servers

<datastoreMachine-url>/start

Update | Delete | Security and Infrastructure | Servers

<datastoreMachine-url>/stop

Update | Delete | Security and Infrastructure | Servers

<data-url>/config

Update | Delete | Security and Infrastructure | Servers

<config-url>/update

Update | Delete | Security and Infrastructure | Servers

<data-url>/relationalDatastoreTypes

Update | Delete | Security and Infrastructure | Servers

<relationalDatastoreTypes-url>/register

Update | Delete | Security and Infrastructure | Servers

<relationalDatastoreTypes-url>/<relationalDatastoreTypeID>

Update | Delete | Security and Infrastructure | Servers

<relationalDatastoreType-url>/edit

Update | Delete | Security and Infrastructure | Servers

<relationalDatastoreType-url>/unregister

Update | Delete | Security and Infrastructure | Servers

<bigDataFileShare-url>/<data item>/manifest

Update | Delete | Security and Infrastructure | Servers

<manifest-url>/regenerate

Update | Delete | Security and Infrastructure | Servers

<manifest-url>/update

Update | Delete | Security and Infrastructure | Servers

<bigDataFileShare-url>/<data item>/hints

Update | Delete | Security and Infrastructure | Servers

<hints-url>/update

Update | Delete | Security and Infrastructure | Servers

Uploads

Endpoint PathPrivileges
<root-url>/uploads

Update | Delete | Security and Infrastructure | Servers

<uploads-url>/upload

Update | Delete | Security and Infrastructure | Servers

<uploads-url>/register

Update | Delete | Security and Infrastructure | Servers

<uploads-url>/item

Update | Delete | Security and Infrastructure | Servers

<item-url>/uploadPart

Update | Delete | Security and Infrastructure | Servers

<item-url>/commit

Update | Delete | Security and Infrastructure | Servers

<item-url>/delete

Update | Delete | Security and Infrastructure | Servers

<item-url>/parts

Update | Delete | Security and Infrastructure | Servers

Logs

Endpoint PathPrivileges
<root-url>/logs

Update | Delete | Security and Infrastructure | Servers

<logs-url>/query

Update | Delete | Security and Infrastructure | Servers

<logs-url>/clean

Security and Infrastructure

<logs-url>/countErrorReports

Update | Delete | Security and Infrastructure | Servers

<logs-url>/settings

Update | Delete | Security and Infrastructure | Servers

<settings-url>/edit

Security and Infrastructure

KML

Endpoint PathPrivileges
<root-url>/kml

Update | Delete | Security and Infrastructure | Servers

<kml-url>/createKmz

Update | Delete | Security and Infrastructure | Servers

<kml-url>/kmz

Update | Delete | Security and Infrastructure | Servers

Info

Endpoint PathPrivileges
<root-url>/info

Update | Delete | Security and Infrastructure | Servers

<root-url>/getAvailableTimeZones

Update | Delete | Security and Infrastructure | Servers

Mode

Endpoint PathPrivileges
<root-url>/mode

Update | Delete | Security and Infrastructure | Servers

<mode-url>/update

Default administrator role only

Usage Report

Endpoint PathPrivileges
<root-url>/usageReports

Update | Delete | Security and Infrastructure | Servers

<usageReports-url>/add

Default administrator role only

<usageReports-url>/settings

Update | Delete | Security and Infrastructure | Servers

<settings-url>/edit

Default administrator role only

<usageReports-url>/<usage report>

Update | Delete | Security and Infrastructure | Servers

<usageReport-url>/edit

Default administrator role only

<usageReport-url>/data

Update | Delete | Security and Infrastructure | Servers

<usageReport-url>/delete

Default administrator role only