The Allow anonymous access to your organization setting in an ArcGIS Online organization allows public users without ArcGIS Online accounts to access the organization's home page. They can search and view organization resources that are shared publicly.
Organization administrators may have concerns about data privacy and restricting access. This article describes some best practices when allowing anonymous access to an ArcGIS Online organization.
Ensure sensitive data are shared privately within the organization
To protect sensitive data, share the data within the organization. Refer to ArcGIS Online: Share items for more information.
Create layer views
With hosted feature layer views, it is possible to create datasets with the option to hide particular fields or features. Refer to ArcGIS Online: Create hosted feature layer views for more information.
Note: If the layer views are created for visualization purposes, ensure editing is disabled. Refer to ArcGIS Blog: Preparing Content for Public Sharing with ArcGIS Online and ArcGIS Blog: Protect your editable feature data from the public, a best practices approach for more information.
Manage featured content on the organization's website Gallery tab
By default, all publicly shared content are featured on the Gallery tab on the organization's website. To manage featured content on the Gallery tab, select a group containing the items for public sharing. Refer to ArcGIS Online: Configure gallery for more information.
Manage items using groups on the organization's home page
To manage items using groups, add item galleries to the home page when configuring it. The Gallery tab only features one group, but it is possible to display multiple groups on the home page. Refer to ArcGIS Blog: Create a great home page for your organization for more information.
Note: Sharing content publicly is rather different from featuring shared content on the Gallery tab or organization home page. When organization content such as web apps or web maps are shared publicly, anonymous users have access to the shared content via public URLs even though the Allow anonymous access to your organization setting is disabled.