Way back in 2019, the GEO Job Blog published an article on How to Implement OAuth 2.0 for ArcGIS. This article still serves as a very easy to understand resource on this authentication type. To this day, we frequently reference it for the purposes of explaining how OAuth 2.0 is set up and implemented, both internally and with our customers.
There are two different methods for authentication when setting up an ArcGIS Organization – OAuth and Integrated Windows Authentication (IWA). However, we still occasionally encounter situations where our products and services users are not quite sure if their ArcGIS Organization utilizes Oauth 2.0 or IWA. After all, both ArcGIS as well as GEO Jobe products support logins through either of these authentications. At first glance, it might not always be obvious which is being utilized in an ArcGIS Organization. This article will hopefully help break down the differences so that you can more easily understand which is being used by your organization.
OAuth 2.0
OAuth 2.0 is the protocol that ensures only users that are given permission can access an ArcGIS Organization’s content. This means the users will have a specific username and password for the ArcGIS Organization. These users will be prompted to enter those credentials when they try to sign into their org.
Integrated Windows Authentication (IWA)
IWA automatically authenticates the connections between Microsoft Internet Information Services and other Active Directory aware applications. In this situation, the credentials are tied directly in with the account used to sign into a computer. Although there may be a “sign in” button, you will never be prompted to manually enter a username or password in order to do so.
In the event that you believe that your browser might be automatically holding the login token or remembering your password, thus making it difficult to manually log in, you can still determine if an ArcGIS Organization uses OAuth or IWA by opening an incognito window in a browser and navigating to the ArcGIS Organization in question. If you are prompted to enter a username and password when they sign in, it uses OAuth. If it doesn’t, then it’s IWA.
At this point, it should now be much easier for you to identify what type of authentication your ArcGIS Organization utilizes. If you would like to see more helpful or interesting information, be sure to subscribe to the GEO Jobe Blog. If you have a question about ArcGIS, you can always reach out to us via email at connect@geo-jobe.com.
