Invalid Pointer when connecting to Web Mapping Services secured with a Database User and Role store

Last Published: April 25, 2020

Error Message

The message 'Error: Invalid Pointer' is displayed when connecting to Web Mapping Services secured using an authenticated user defined in a Database User and Role store.


This error can be caused when ArcGIS Server Web Mapping Service security is enabled and Secure Sockets Layer (SSL) is not configured on the ArcGIS Server machine.

Solution or Workaround

A secure connection using HTTPS (SSL) is required by default when requesting a token from the Token Service. HTTPS encrypts the user name and password during transmission. The client must use HTTPS when requesting a token, either by the standard method where the user name and password are included in the query string (used by ArcGIS Desktop, the Web ADF controls, and other clients) or the GetToken.html Web page.

For internal testing purposes only, the requirement for HTTPS can be disabled, so that tokens can be obtained using nonsecure HTTP.

Be aware that passwords sent using HTTP can be intercepted by anyone connected to the network. Using HTTP for tokens should only be necessary on a development server where the organization's policies prohibit the installation of the IIS Web server on the development machine.

In these circumstances, development is typically done using the file-based Web server in Visual Studio (Cassini), which does not support the use of SSL/HTTPS. When IIS is available, SSL should always be used to protect against the capture and unauthorized use of user names and passwords.

To set the Token Service to allow nonsecure HTTP requests for tokens, follow these steps:

  1. Open the file <Web server root>\ArcGIS\Tokens\web.config with a text or XML editor. If the ArcGIS instance is not in the default location, C:\Inetpub\wwwroot\ArcGIS, then go to the location of the ArcGIS instance.
  2. Locate the following tags inside the <appSettings> section. If the tag(s) do not exist, add them.
    <appSettings> <add key="RequireSSL" value="True" />
    <add key="TokenServiceURL" value="https://myserver/ArcGIS/tokens/" /> ...
  3. Set the value of the RequireSSL key to False, and change the value of the TokenServiceURL from https to http. Save the file. IIS does not need to be restarted, as any change in the web.config file should restart the Token Service application.
  4. Repeat the above steps for the web.config files in <Web server root>\ArcGIS\rest and <Web server root>\ArcGIS\Services.

    Remember to restore the SSL requirement when appropriate. To re-enable the requirement for SSL in the Token Service, restore the RequireSSL setting to True, set the TokenServiceURL to use https, then save the file. Do this for each web.config file in the Tokens, Rest, and Services folders.

Article ID:000010444

  • ArcGIS Server

Receive notifications and find solutions for new or common issues

Get summarized answers and video solutions from our new AI chatbot.

Download the Esri Support App

Related Information

Discover more on this topic

Get help from ArcGIS experts

Contact technical support

Download the Esri Support App

Go to download options