ArcGIS Enterprise portal

Using the con terra Technologies Identity Service, smart.finder can delegate the authentication of users to ArcGIS Enterprise portal. This means that a user can log in to smart.finder with a portal account. Groups and roles of the portal user are translated into roles for smart.finder.

Connecting to ArcGIS Enterprise portal creates the following possibilities:

  • Assigning roles for using the Job Manager.

  • Assignment of roles for the use of the Solr Admin Client.

  • Assignment of roles for the user-sensitive restriction of the search index.

Establishing a connection between smart.finder and ArcGIS Enterprise-Portal

The connection of smart.finder with ArcGIS Enterprise-Portal is done in two steps.

Step 1: Install and configure Identity Service.

In this step you install and configure the Identity Service as a separate web application. To do this, follow these steps from the Identity Service documentation:

  1. Install the Identity Service.

  2. Connect the Identity Service to ArcGIS Enterprise-Portal.

  3. Configure map.apps as a trusted service in the Identity Service.

  4. Configure the federation-server as a trusted service in the Identity Service.

Step 2: Configure smart.finder

To enable login delegation, set the following parameters in global configuration:

example-configuration
security.mode=IDENTITY
security.login.base=https://www.example.com/identity
esri.api.arcgisPortalUrl=https://arcgis.example.com/portal
security.mode

The IDENTITY value specifies that authentication should be delegated through the Identity Service.

security.login.base

Base URL of the Identity Service.

esri.api.arcgisPortalUrl

URL to the used ArcGIS Enterprise portal. The value must match the configuration for security.oauth.provider.arcgis.url in the Identity Service.