HOW TO
Generate a token for a federated ArcGIS Server that uses IWA SSO authentication using Python
Summary
When requesting a token via Python, the request is technically anonymous. Since anonymous authentication is disabled at the Web Adaptor level when taking advantage of IWA SSO, a 404 unauthorized error is returned when trying to generate a token.
To work around this limitation, it is necessary to install the requests-negotiate-sspi module in the Python environment that we want to use to grant the "requests" module the ability to pass Windows credentials in requests.
Use the below sample script to generate a token using the credentials of the Windows account with which you run your script:
Procedure
import json
import requests
from requests_negotiate_sspi import HttpNegotiateAuth
portal = "https://hostname.domain.com/portal"
server = "https://hostname.domain.com/server"
def getPortalToken(url):
parameters = {'client' : 'referer','referer': server,'expiration': 5,'f' : 'json'}
req = requests.get(url + '/sharing/rest/generateToken?', parameters, auth=HttpNegotiateAuth())
json = req.json()
token = json.get("token", "")
return token
def getServerToken(url, serverUrl, token):
parameters = {'serverUrl' : serverUrl,'token' : token,'f' : 'json'}
req = requests.get(url + '/sharing/rest/generateToken?', parameters, auth=HttpNegotiateAuth())
json= req.json()
token = json.get("token", "")
return token
portalToken = getPortalToken(portal)
serverToken = getServerToken(portal, server, portalToken)
print(serverToken)
Article ID: 000029103
- Portal for ArcGIS
- ArcGIS Server
Get support with AI
Resolve your issue quickly with the Esri Support AI Chatbot.
Related Information
Discover more on this topic
Search for related information
Find training related to this topic
Explore ideas and give feedback
Get help from ArcGIS experts
Start chatting now