Configure Service Resource Security

Starting with Designer for 2015, there were some changes to the security settings for services. The biggest change is the separation of security for accessing GIS data outside of the maps and accessing GIS data in the maps. More specifically, only GIS calls outside of the maps will use the new Security Type settings on Service Resources. The Esri Identity Manager control will be used for the map. See Configure Secured GIS Service Resources in Cityworks on MyCityworks for more information.

  1. Click the Service Resources tab.
  2. Select a service resource from the GIS Service Resources panel.

There are four security types that can be assigned to a resource: No Security, OAuth 2 App, OAuth2 User, and Token.

No Security is used if your services do not have security.

  1. To set No Security as the security type, select it from the Security Type drop-down list.

OAuth2 App is used if you use ArcGIS Online or Portal for ArcGIS and want application-based security. This option allows you to use an app ID instead of your ArcGIS Online login or password.

NOTE: Per Esri's documentation here, if you want to access private content within an organization or content that has been shared with a user, you must use the named user login pattern for authentication unless using premium content or services hosted by Esri.

  1. To set OAuth2 App as the security type, select it from the Security Type drop-down list.

  1. Enter the Token URL from your ArcGIS Online account, or click Use AGO URLs to populate this field with the URL used by ArcGIS Online.
  2. Enter the App Id from your ArcGIS Online Account.
  3. Click Set App Secret to set the app secret (password).
  4. Click Test Security to ensure that there is a valid token for the service.

OAuth2 User is used if you use ArcGIS Online or Portal for ArcGIS and want user-based security.

  1. To set OAuth2 User as the security type, select it from the Security Type drop-down list.

  1. Enter the Token URL from your ArcGIS Online or Portal for ArcGIS account, or click Use AGO URLs to populate this field with the URL used by ArcGIS Online.
  2. Enter the Authorization URL from your ArcGIS Online account, or click Use AGO URLs to populate this field with the URL used by ArcGIS Online. The Authorization URL is slightly different than the Token URL.
  3. Enter the App Id from your ArcGIS Online or Portal for ArcGIS account.
  4. Select Is Permanent to request a permanent token. This option is not as secure. If selected, you will have to log in to your ArcGIS Online or Portal for ArcGIS account and enable the option for a permanent token. Once you select this option, click Authorize to open the ArcGIS Online or Portal for ArcGIS login screen and authorize your account. If the token expires, you will have to return to this page and click Authorize again to renew it.

The Redirect URL is the URL that you will need to configure in ArcGIS Online or Portal for ArcGIS. The URL ends with OAuthRedirect.aspx.

  1. Click Set App Secret to set the app secret (password).
  2. Click Authorize to authorize the security information that you have entered.

NOTE: To register an app in ArcGIS Online or Portal for ArcGIS so Cityworks can authorize against it, see the related Esri Documentation here.

  1. Click Test Security to ensure that there is a valid token for the service.

Token is used if you use token-based security. This is useful if you are externalizing and want your services accessible from anywhere, but still secured.

  1. To set Token as the security type, select it from the Security Type drop-down list.

  1. Enter the Token URL that Cityworks will use to get the token. This URL is based on the name of your Esri server.
  2. Enter the number of minutes that the token will last in the Timeout field. The default is 60. Make sure that this value does not exceed what has already been configured in ArcGIS Enterprise.
  3. Enter the User Id of the user you use with your Esri server. For security reasons, the password is not displayed on this page.
  4. To set the password for the first time, click Set Password. To change the existing password, click Change Password.
  5. Click Test Security to ensure that there is a valid token for the service.

For more information on security types, see Service Resources Fields.

NOTE: Designer automatically saves the changes you make. A notification will appear in the top-right corner of the window that says Data Saved when you make changes to the page.