Integrate Azure AD into Essentials/Identity Server?

Gareth Finney

• June 01, 2022 01:55

Hi All,

Just wondering if anyone has successfully integrated Azure AD with Essentials? I've noticed a couple of posts on this, but not a lot of results or responses. Even the older links to the PDF that outlined configuring OAuth2 with Essentials have been deprecated on this forum. Can these be made available even?

I've also read in this forum that configuring OAuth0 is a little limited, and somewhat cost prohibitive. I'm not sure of the difference b/w the OAuth's to be honest. Just looking for any advice, experiences etc. with getting Essentials 4.x talking with Azure AD. 

Thanks in advance....

GF

0

• 

  Martin Simonsen Bjørkenes

  • June 01, 2022 10:44

  Have you considered using ArcGIS Enterprise or ArcGIS Online as Sign In method for Essentials? Provided you have either Portal or ArcGIS Online integrated with Azure AD already, this is by far the easiest way to establish Azure AD security in your Essentials sites.

  0
• 

  Gareth Finney

  • June 01, 2022 23:24

  Hi Martin, 

  Thanks for the reply. 

  At present we do not have Portal up and running. That's a story for another day! So in the meantime, we are looking at AAD as our SSO option across all of our applications in the department, so it's not just the spatial apps such as ours.

  Eventually we will be going down the Portal path, but there's some water to flow under that bridge before then. Once we do that, then yeah, I guess we hook that into AAD as you suggest. 

  thanks again for the suggestion - much appreciated

  GF

  0
• 

  Gareth Evans

  • June 02, 2022 00:38

  Hi Gareth! Great name. ;)

  I'd agree with Martin here, that using Portal (e.g. ArcGIS Enterprise) as an intermediary is the least painful route. Esri have some excellent documentation on setting this up here: Configure Azure Active Directory—Portal for ArcGIS | Documentation for ArcGIS Enterprise

  From there you would follow our Essentials documentation on configuring GE to sign in (federate) with your Portal: Essentials Install - Choose a Method to Sign In to Manager (vertigisstudio.com)

  If Portal is not an option due to licensing costs or technical restrictions, we do have this KBA on Using ADFS as an Identity Provider for Essentials – VertiGIS that you could follow and use in an Azure AD context.  

  I would highly encourage you to consider whether Portal is an option here, as having that in place would set you up for the future.

  0
• 

  Gareth Finney

  • June 02, 2022 03:22

  Thanks for the reply Gareth.

  At present, Portal is not an option. We are presently working through the implications of heading down the v5 series path with our local GCX supplier.  It's a lot to take in, even before looking at the Esri licencing model around Named Users and what that entails (think 500+ registered editors, and multiple external emergency agencies, and you start to understand our reluctance to join the Portal Party right now). 

  For now though, we need to look at the ADFS approach me thinks. I mucked around with this some time back, but lost that doco, so a big thanks for the heads up there.

   

  regards

  The Other Gareth

   

  0
• 

  Gareth Evans

  • June 08, 2022 17:57

  Hi Other Gareth

  That's understandable.

  If you're still stuck getting through that, I'd suggest submitting a support case to AAM. We've worked with them in the past on troublesome identity provider setup cases so I think they'd be able to help here.

  Regards

  The Other Other Gareth

  0

Please sign in to leave a comment.