The various products that GEO Jobe builds to assist clients in managing their ArcGIS organizations are powerful tools , that are capable of accessing, editing, copying, and even deleting all of an organization’s content. As such, our products always include checking for a user’s credentials before displaying any a user must grant access to their credentials (or authorize) before being able to retrieve information or allowing any actions to be performed through the use of GEO Jobe products.
There are two different methods for authentication when setting up an ArcGIS Organization - OAuth and IWA.
OAuth means the users will have a In OAuth (current version is OAuth 2.0), our products will redirecta user to a sign in prompt when authorizing access to ArcGIS account credentials. Here, the user’s username and password specific to the ArcGIS Organization . They will be prompted to enter those credentials when they try to sign into their org. (Note: If a client says they use SAMLmust be provided. An access token is then granted to the user to manage ArcGIS organization content (associated with the login credentials) through the use of GEO Jobe products. ArcGIS will NEVER provide important account details to GEO Jobe products, such as username settings or passwords. A visual example, can be located in the image below:
(Note: If only SAML is used, that is a type of OAuth).
...
IWA means “integrated windows authentication”. In this situation, a user’s (also known as Integrated Windows Authentication), is when the credentials are tied in with the account they use (set up by the user’s organization) used to sign into their a computer. While they there may have to click be a “sign in” button , they will never be or option, a user is NEVER prompted to enter a username or password. A visual example, can be located in the image below:
...
To A simple way to determine if a client has an ArcGIS Organization that uses OAuth or IWA , have them is to open up an incognito window in their an internet browser, and then navigate to their the ArcGIS Organization in question. If they are being prompted to enter a username and password when they sign signing in, they use it is using OAuth. If they aren’t, it’s IWAOtherwise, the authentication method is IWA.
In summary, GEO Jobe applications allow for easier management of ArcGIS organizational content once authentication has been granted by the user. At the same time, sensitive account information, such as usernames and passwords, is protected by ArcGIS.