How to Determine If an Organization is Using IWA or OAuth

Owned by Courtney Menikheim
Last updated: Apr 15, 2024 by Kenny Tran
2 min read

The various products that GEO Jobe builds to assist clients in managing their ArcGIS organizations are powerful tools that are capable of accessing, editing, copying, and even deleting all of an organization’s content. As such, a user must grant access to their credentials (or authorize) before being able to retrieve information or allowing any actions to be performed through the use of GEO Jobe products.

There are two different methods for authentication when setting up an ArcGIS Organization - OAuth and IWA.

In OAuth (current version is OAuth 2.0), our products will redirect a user to a sign in prompt when authorizing access to ArcGIS account credentials. Here, the user’s username and password specific to the ArcGIS Organization must be provided. An access token is then granted to the user to manage ArcGIS organization content (associated with the login credentials) through the use of GEO Jobe products. ArcGIS will NEVER provide important account details to GEO Jobe products, such as username settings or passwords. A visual example, can be located in the image below:

(Note: If only SAML is used, that is a type of OAuth)

 

IWA (also known as Integrated Windows Authentication), is when the credentials are tied in with the account (set up by the user’s organization) used to sign into a computer. While there may be a “sign in” button or option, a user is NEVER prompted to enter a username or password. A visual example, can be located in the image below:

 

A simple way to determine if an ArcGIS Organization uses OAuth or IWA is to open up an incognito window in an internet browser, and then navigate to the ArcGIS Organization in question. If being prompted to enter a username and password when signing in, it is using OAuth. Otherwise, the authentication method is IWA.

 

In summary, GEO Jobe applications allow for easier management of ArcGIS organizational content once authentication has been granted by the user. At the same time, sensitive account information, such as usernames and passwords, is protected by ArcGIS.