Bug
Locally hosted token-based authentication for the Web AppBuilder for ArcGIS Print Widget generates an invalid PDF output when printing a secured map service that has stored credentials in ArcGIS Online.
| Bug ID Number | BUG-000109333 |
|---|---|
| Submitted | November 6, 2017 |
| Last Modified | June 5, 2024 |
| Applies to | ArcGIS Online |
| Version found | 5.3 |
| Status | Known Limit |
Additional Information
The behavior in this issue is the normal security strategy by design, not a bug. Token-based authentication When the locally hosted app wants to access the online item, including web map item and its secured layers, it must send a request to "https://www.arcgis.com/sharing/generateToken" to get the token. The token itself contains your credential and other necessary information. When printing the map, the token will be sent to the print service. The problem is that the token is generated only for the host machine of the app which is controlled by the following request parameters: origin:http://**.local:5000 referer:http://**.local:5000/USA_secure/ The print service is hosted on another server, so it cannot use the token directly. OAuth authentication When using OAuth authentication, users must create a registered app and assign the appId to the locally hosted WAB app. When users log in, they will also get a token, but this token is different from the token in token-based authentication. When the service receives such a request, it checks users' credential against the registered app. The service works if the registered app says "OK, the token is issued from here".Steps to Reproduce
Bug ID: BUG-000109333
Software:
- ArcGIS Online
Get notified when the status of a bug changes
Discover more on this topic
Search for related information
Find training related to this topic
Explore ideas and give feedback
Get help from ArcGIS experts
Download the Esri Support App