Configure Single Sign-on

Single Sign-on is managed in Admin using the Oauth 2 Clients page. Starting in 23.2, when you log out and you are using Single Sign-on, it logs you out of your ArcGIS account as well.

PREREQUISITES:
  1. In Admin, click the Admin tab and click OAuth2 Clients.

  1. Click Add record to add a client.
  2. Enter a name for the client and select the client Type from the drop-down list.

  1. Enter the App ID in the Id field. See Create the Application in ArcGIS Online or Portal for ArcGIS.

  2. Enter the App Secret in the Secret field. See Create the Application in ArcGIS Online or Portal for ArcGIS.
  3. The Type displays the type selected when the client was made, but can be changed using the drop-down list.
  4. Select the Active check box to mark the client as active.
  5. For the Base URI, enter the URL to access your organization's ArcGIS Online or Portal for ArcGIS site. For example: https://gis.cityworks.com/portal.
  6. The Redirect URI and Refresh URI fields are automatically populated based on the redirect field entered in the ArcGIS Online or Portal for ArcGIS application.
  7. To include an icon on the login page next to this single sign-on option, enter the Icon Uri in the field. A preview of the icon is shown next to Icon Preview. A valid URL that the server can access is required. If the URL is not in the same URL domain as the Cityworks website, you may encounter CORS issues.
  8. Click Save.

Office Companion sites previously configured as Windows Authentication should either reinstall their Office Companion site using forms authentication (not Windows Authentication), or add back the entries in the web.config file changed during the Windows Authentication installation process. See the following images that show where things are edited in the web.config file: