ArcGIS REST API

Server Properties

  • URL:https://server:port/arcgis/admin/system/properties
  • Operations:Update
  • Version Introduced:10.1

Description

ArcGIS Server has configuration properties that govern some of its intricate behavior. The Server Properties resource is a container for these properties. The properties are available to all server objects and extensions through the server environment interface. The available properties are as follows:

  • AppServer—The architecture of ArcGIS Server was optimized at 10.6, enabling it to be more responsive and effective with service management. At 10.7, the legacy app server was removed entirely. This property can be used at 10.6 or 10.6.1 to override the optimized architecture in order to use legacy architecture.
    Legacy:

    This property only applies to 10.6 and 10.6.1. It has no utility in versions earlier than 10.6 or later than 10.6.1.

    Values:

    • {"AppServer" : "Legacy"}
    • {"AppServer" : "Optimized"}

    The default value is {"AppServer" : "Optimized"}.

    Note:

    The AppServer property is relevant only when the singleClusterMode deployment is set to true. If singleClusterMode is set to false and all machines are restarted, the legacy architecture will be used.

  • allowGPAndExtensionPublishingToPublishers—Allows both publishers and administrators to publish geoprocessing services and extensions if set to true. Beginning at 10.4, only administrators can publish extensions and geoprocessing services by default.
  • allowLegacyURLParser—Introduced at 10.6. When added and set to true, braces { }, brackets [ ], or pipe | special characters are allowed in URL query strings unencoded. Starting at 10.7, double quotation marks " are also allowed in URL query strings when this property is set to true.

    By default, the property is not listed and its value is false.

    It is recommended that you do not enable this property, as it carries a security vulnerability. If you do add or change the property, manually restart ArcGIS Server for it to take effect.

  • CacheSizeForSecureTileRequests—An integer that specifies the number of users whose token information will be cached. This increases the speed of tile retrieval for cached services. If not specified, the default cache size is 200,000. Both REST and SOAP services honor this property. You'll need to manually restart ArcGIS Server for this change to take effect.
  • defaultJsonResponseContentType—At 10.6, the default content-type for JSON and JSON with callback responses has been changed from text/plain to application/json and application/javascript, respectively. At 10.6.1, the default content-type for GeoJSON has been changed from text/plain to application/geo+json. All three of these content-type properties can be reverted in your ArcGIS Services and Server Administrator REST APIs back to text/plain. To do so, insert this parameter: {"defaultJsonResponseContentType": "text/plain"}. Restart ArcGIS Server for the change to take effect. The only value this parameter will accept is text/plain. You should carefully consider the security risks of changing the content-type of JSON and GeoJSON responses on your server.
  • DisableAdminDirectoryCache—Disables browser caching of the Administrator Directory pages. The default is false. To disable browser caching, set this property to true.
  • disableIPLogging—When a possible cross-site request forgery (CSRF) attack is detected, the server logs a message containing the possible IP address of the attacker. If you do not want IP addresses listed in the logs, set this property to true. Also, HTTP request referrers are logged at FINE level by the REST and SOAP handlers unless this property is set to true.
  • enableNosniffHeader—Introduced at 10.7. When set to true, all network communication from ArcGIS Server includes the X-Content-Type-Options response header with a value of nosniff. This helps protect against MIME confusion attacks by preventing web browsers from "MIME sniffing" a response away from the declared content-type of an asset. The default value is true.
  • featureServiceXSSFilter—Introduced at 10.7.1. Acceptable values are input (the default) and inputOutput. This parameter is used to set the value of the xssPreventionRule for feature services when they are published. When set to input, an XSS filter is applied to any attribute data input into a feature service for new or updated features. When set to inputOutput, both the input data and the output data are filtered for XSS strings; this is a more secure option, but has a performance impact when applied to large, complex feature services. Changes made to this parameter only apply to new feature services, and will not update the xssPreventionRule for existing feature services.
  • httpProxyHost—Specifies the HTTP host name of the proxy server.
  • httpProxyPort—Specifies the HTTP port number of the proxy server.
  • httpProxyUser—Specifies the HTTP proxy server user name (if needed).
  • httpProxyPassword—Specifies the HTTP proxy server password (if needed).
  • httpsProxyHost—Specifies the HTTPS host name of the proxy server.
  • httpsProxyPort—Specifies the HTTPS port number of the proxy server.
  • httpsProxyUser—Specifies the HTTPS proxy server user name (if needed).
  • httpsProxyPassword—Specifies the HTTPS proxy server password (if needed).
  • isHttpProxyPasswordEncrypted—Set this property to false when you are configuring the HTTP proxy server password in plain text. After configuration, the password will be encrypted, and this property will be set to true.
  • isHttpsProxyPasswordEncrypted—Set this property to false when you are configuring the HTTPS proxy server password in plain text. After configuration, the password will be encrypted, and this property will be set to true.
  • javaExtsBeginPort—Specifies a start port of the port range used for debugging Java server object extensions.

    Example: 8000

  • javaExtsEndPort—Specifies an end port of the port range used for debugging Java server object extensions.

    Example: 8010

  • ldapCertificateValidation—Introduced at 10.7. When set to true, any encrypted LDAP communication (LDAPS) made from ArcGIS Server to the user or role identity store will enforce certificate validation. The default value is false.
    Note:

    When set to true, if the certificate name does not match or the certificate cannot be validated, ArcGIS Server may attempt to use unencrypted LDAP communication or it may not be able to establish communication at all. If this occurs, a warning message will be logged.

  • localTempFolder—Defines the local folder on a machine that can be used by GIS services and objects. If this property is not explicitly set, the services and objects will revert to using the system's default temporary directory.
    Note:

    If this property is used, you must create the temporary directory on every server machine in the site. Example: /tmp/arcgis.

  • machineSuspendThreshold—At 10.7, machines record their status once per minute in the configuration store if they are active. This property defines the time period of inactivity after which a machine will be suspended from receiving administrative and publishing requests. Once a suspended machine records an active status, it will be reinstated to receive such requests. The default value is 60 minutes. See suspendedMachineUnregisterThreshold.
  • messageFormat—Defines the transmission protocol supported by the services catalog in the server.

    Values: esriServiceCatalogMessageFormatBin, esriServiceCatalogMessageFormatSoap, esriServiceCatalogMessageFormatSoapOrBin

  • messageVersion—Defines the version supported by the services catalog in the server.

    Example: esriArcGISVersion107

  • minutesToCacheUserRoles—Defines the time period, in minutes, for which users and roles from your LDAP or Active Directory will be cached on the server after a request for users or roles from the identity store. This optimizes the performance of your secure services. By default, the time period is 30 minutes. You can modify the time period using this property, or you can disable caching by setting the property to zero. This property was added at 10.5.
  • nonProxyHosts—This property should always contain the machine name where your portal is installed. If you want to federate ArcGIS Server with your portal, this property should also include the name of the machine where ArcGIS Server is installed. If the ArcGIS Server site contains multiple machines, a wildcard can be used for all machines in the domain (for example, *.domain.com). Machine and domain items are separated using a pipe (|).
  • percentageMaxAllowedComputeCores—Sets the maximum percentage of CPU, out of the total CPU available on the machine, that will be used by the compute platform worker process on a single node.
  • percentageMaxAllowedComputeMemory—Sets the maximum percentage of memory, out of the total amount of memory available on the machine, that will be used by the compute platform worker process on a single node.
  • PushIdentityToDatabase—Propagates the credentials of the logged-in user to make connections to an Oracle database. This property is only supported for use with Oracle databases.

    Values: true | false

  • readOnlyModeCopyConfigLocal—Determines whether configuration files are copied to the local repository when enabling read-only mode.

    Values: true(default) | false.

    Example: "readOnlyModeCopyConfigLocal": false

  • readOnlyModeRestartServices—Determines the service restart behavior when enabling read-only mode.

    Values: true (default) | false.

    Example: "readOnlyModeRestartServices": false

  • standardizedQueries—This security property forces developers to use standardized SQL queries in where clauses when working with map, feature, image, and WFS services through REST or SOAP. This makes it easier for developers and applications to query ArcGIS Server services and helps prevent SQL injection attacks. Standardized queries are enforced by default but can be disabled by the server administrator.

    Values: true | false

  • suspendDuration—Specifies the duration the ArcGIS service hosting processes should suspend at startup. This duration is specified in milliseconds. This is an optional property that takes effect when suspendServiceAtStartup is set to true. If the duration is not specified and suspension of service at startup is requested, the default suspend duration is 30 seconds.

    Example: 10000 (meaning 10 seconds)

  • suspendedMachineUnregisterThreshold—At 10.7, machines record their status once per minute in the configuration store if they are active. This property defines the time period of inactivity after which a machine will be unregistered from the site. This property is disabled by default, with a value of -1. If used, this threshold should be higher than the machineSuspendThreshold property.
  • suspendServiceAtStartup—Suspends the ArcGIS service hosting processes at startup. This will enable attaching to those processes and debugging code that run early in the life cycle of server extensions soon after they are instantiated.

    Values: true | false

  • uploadFileExtensionWhitelist—This specifies what files are allowed to be uploaded through the file upload API by identifying the allowable extensions. It is a list of comma separated extensions without dots. If this property is not specified, a default list is used. This is the default list: soe, sd, sde, odc, csv, txt, zshp, kmz, and geodatabase.
    Note:

    Updating this list overrides the default list completely. This means that if you set this property to a subset of the default list, only those items in the subset will be accepted for upload. Example: sd, so, sde, odc.

  • uploadItemInfoFileExtensionWhitelist—This specifies what files are allowed to be uploaded through the service iteminfo upload API by identifying the allowable extensions. It is a list of comma separated extensions without dots. If this property is not specified, a default list is used. This is the default list: xml, img, png, gif, jpg, jpeg, bmp.
    Note:

    This list overrides the default list completely. This means that if you set this property to a subset of the default list, only those items in the subset will be accepted for upload. Example: png, svg, gif, jpg, tiff, bmp.

  • WebContextURL—Defines the web front end as seen by your users.

    Example: https://mycompany.com/gis

  • WebSocketContextURL—If you are using a web socket reverse proxy server for Stream Services, enter the proxy URL here.

Request parameters

ParameterDetails
f

Description: The response format. The default response format is html.

Values: html | json

Response format

{
    "<property1>": <value1>,
    "<property2>": <value1>,
    ...
}

Example usage

{
    "PushIdentityToDatabase": true,
    "WebContextURL": "https://mycompany.com/gis",
    "messageFormat": "esriServiceCatalogMessageFormatSoapOrBin",
    "uploadFileExtensionWhitelist": "soe,sd,sde,csv,txt,kmz",
    "featureServiceXSSFilter": "input",
    "DisableAdminDirectoryCache": true
}