Closed JANA-hinukollu closed 1 year ago
Hi, thank you for the question. This area is only for issues related to the ArcGIS REST JS software (https://developers.arcgis.com/arcgis-rest-js/). Are you sure you're using ArcGIS REST JS? If you're using ArcGIS Web AppBuilder, you are most likely not using ArcGIS REST JS.
If you are indeed using ArcGIS REST JS, please provide a replication case or example code where you're sending the request so we can attempt to replicate your issue. Thank you!
Hi, thank you for the question. This area is only for issues related to the ArcGIS REST JS software (https://developers.arcgis.com/arcgis-rest-js/). Are you sure you're using ArcGIS REST JS? If you're using ArcGIS Web AppBuilder, you are most likely not using ArcGIS REST JS.
@gavinr Thanks for the reply. You are right, we are not using the ArcGIS REST JS client libray, we have an enterprise ArcGIS server hosted in our environment, making direct calls to the server using token based authentication. Our requirement is to hide the token from query params and send it in the request header by following this article. https://enterprise.arcgis.com/en/server/latest/administer/windows/accessing-arcgis-token-secured-web-services.htm
I have created the code sample here for reproducing it, in the example below I am using the ArcGIS REST JS client to make the request only for demo, but locally we are directly calling the ArcGIS server, not using any library but we are seeing the same error as attached below. https://codesandbox.io/s/cors-issue-p48jo9?file=/src/index.js
@JANA-hinukollu if you are using ArcGIS REST JS you need to do one of the following.
ArcGIS Servers (portal, enterprise, online) don't support the OPTIONS request on the GET requests to support the X-Esri-Authorization
header. So you need to either:
token
and hideToken
options in ArcGIS REST JSs request optionsheaders["X-Esri-Authorization"]
but change the httpMethod
to POST
.Changing httpMethod
to POST
:
import { request } from "@esri/arcgis-rest-request";
const url = "https://gis02.jana.local/server/rest/services/?f=json";
request(url, {
httpMethod: "POST", // hiding the token does not work with GET requests
headers: {
"X-Esri-Authorization": "<token-value>"
}
}).then(
(response) => {
console.log(response); // WebMap JSON
}
);
Use token
and hideToken
:
request(url, {
token: "<token-value>",
hideToken: true // let ArcGIS REST JS handle hiding the token in the headers
}).then(
(response) => {
console.log(response); // WebMap JSON
}
);
Describe the bug
Hi All, I want to hide the token passed as a query parameter in every map request. The Web App Builder application is querying arcgis portal for resources passing the token every time. I need to hide this token from the query parameter. I found that ESRi has suggested to send the token in the X-ESRI-Authorization header instead of as query parameter in the below link
Access ArcGIS token-secured web services—ArcGIS Server Administration (Windows) | Documentation for Ar...
Kindly let me know how to configure the JavaScript application to send the token in the X-ESRI-Authorization header instead of as query parameter.
Thanks
Hari
Reproduction
Nothing yet.
Logs
No response
System Info
Additional Information
No response