Request tokens ignored on dev/qa servers if portal URL and UserSession.portal don't match
See original GitHub issueWhen using request
with ArcGIS Online Dev/QA environments, a token will not be added to the request unless the portal
URL matches the authentication UserSession.portal
.
The dev/qa owningSystemUrl
is not recognized as a ArcGIS Online server
https://github.com/Esri/arcgis-rest-js/blob/master/packages/arcgis-rest-auth/src/UserSession.ts#L826
Issue Analytics
- State:
- Created 4 years ago
- Comments:12 (11 by maintainers)
Top Results From Across the Web
Invalidate Session on Portal with rest address - Esri Community
Hi Guillaume,. Both of those methods should work fine to invalidate tokens. The urls just need to be adjusted to match your Portal...
Read more >Acquire ArcGIS Server tokens—ArcGIS Server
Tokens can be acquired using the tokens endpoint (using steps below) or through an HTTP POST request using the ArcGIS REST API.
Read more >Oracle Eloqua Developer Guide
1. Request an access token through a GET request to the login.eloqua.com/auth/oauth2/authorize endpoint using the following URL parameters:.
Read more >Chapter 8. Managing Clients Red Hat Single Sign-On 7.0
As in normal login, roles from access token are the intersection of scopes and the service account roles. The REST URL to invoke...
Read more >Is there a reason why my ArcGIS Server token works, when ...
When I would try and access secured services programmatically using my public URL and token (much like you are doing), I would get...
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
I think this is happening in 2 similar but different cases because unless the URL passes the tests in https://github.com/Esri/arcgis-rest-js/blob/master/packages/arcgis-rest-auth/src/UserSession.ts#L725-L729 the
UserSession.portal
must exactly matches theowningSystemUrl
in order to be considered for federation.This means that the following cases fail to federate:
UserSession.portal === "https://someorg.mapsdev.arcgis.com/sharing/rest/"
this actually appears to be a fairly common case for apps like Storymaps. since in devowningSystemUrl
is alwayshttps://devext.arcgis.com
these don’t match and federation doesn’t happen. This was the original issue from @qlqllu https://github.com/Esri/arcgis-rest-js/blob/b956d910aadf76729190a54b6af0d3286cc11079/packages/arcgis-rest-auth/src/UserSession.ts#issuecomment-507092212. I think this is also the original issue reported by @ssylvia.http://
andhttps://
which is what @timmorey reported in https://github.com/Esri/arcgis-rest-js/blob/b956d910aadf76729190a54b6af0d3286cc11079/packages/arcgis-rest-auth/src/UserSession.ts#issuecomment-504144004.@tomwayson has the right solution since we cant consider devext to be federated with production or vica versa so you would have to:
UserSession.portal
is ANY ArcGIS Online Environment.UserSession.portal
.url
is ANY ArcGIS Online Environment.url
.The alternative would be to modify https://github.com/Esri/arcgis-rest-js/blob/master/packages/arcgis-rest-auth/src/UserSession.ts#L826 with new tests to make sure that things like
https://someorg.mapsdev.arcgis.com/sharing/rest/
andhttps://devext.arcgis.com
are considered federated and to resolve the http/https issue.I receive the
NOT_FEDERATED
, which I think it’s caused by this reason.The portal in session is the org URL: beijing.mapsdevext.arcgis.com, and the feature service URL is: servicedev.arcgis.com.
I think these 2 URLs should be considered as federated.