Bug
ArcGIS for Server redirects to the login page for a secured REST endpoint instead of resolving to the service by decrypting the supplied URL token.
| Bug ID Number | BUG-000095330 |
|---|---|
| Submitted | March 28, 2016 |
| Last Modified | July 15, 2025 |
| Applies to | ArcGIS for Server |
| Version found | 10.3.1 |
| Operating System | Windows OS |
| Operating System Version | 2008 R2 64 Bit |
| Status | Non-Reproducible |
Additional Information
This is expected behavior. The HTTP referrer option is causing the token to not be accepted by ArcGIS for Server when provided directly. This is working as designed. The ArcGIS Server REST API documents that setting as follows; HTTP Referer: When this (default) option is selected, the issued token can only be used in requests referred by the specified URL. This is the URL of the page from which the request is made to the ArcGIS resource. Use this approach when building an application with the ArcGIS API for JavaScript or other REST-based applications, in which individual clients requests maps and data directly from the ArcGIS for Server web service.Workaround
When using Request IP, the generated token used to open the secure map service works properly.Steps to Reproduce
Bug ID: BUG-000095330
Software:
- ArcGIS for Server
Get notified when the status of a bug changes
Discover more on this topic
Search for related information
Find training related to this topic
Explore ideas and give feedback
Get help from ArcGIS experts
Download the Esri Support App