User Store—REST APIs | Documentation for ArcGIS Enterprise

The user store or the identity store is a repository of user accounts and credentials. ArcGIS Server connects to the user store to authenticate a user requesting access to a resource.

In addition to connecting to your enterprise user store such asWindows Domain or any other directory service that supports an LDAP interface, ArcGIS Server also ships with a built-in storage mechanism where you can create your user accounts.

ArcGIS Server requires you to configure a user store while setting up security on your site.

Response properties


LDAP Properties	Details
ldapURLForUsers	The LDAP URL pointing to the user accounts. Example `ldap://server:389/dc=mydomain,dc=com???(\|(objectClass=userProxy)(objectClass=user))?`
memberOfAttributeInUsers	The attribute of the user entry that contains role information. Example `memberOf`
usernameAttribute	The attribute of the user entry that is to be treated as the username. Example `name`
adminUser	The administrative account to the LDAP that has at least read access. Example `cn=admin,cn=users,dc=mydomain,dc=com`
adminUserPassword	The credentials for the administrative account. Example `secret`


WINDOWS Properties	Details
adminUser	The administrative account to the LDAP that has at least read access. Example `cn=admin,cn=users,dc=mydomain,dc=com`
adminUserPassword	The credentials for the administrative account. Example `secret`


CUSTOM Properties	Details
class	The fully qualified name of the Java class that implements custom access to the user store. Example `com.myorg.userstore.DBUserStore`
...	Any custom properties that are required by your class.

JSON Response syntax

{
  "type": "<BUILTIN | WINDOWS | LDAP | CUSTOM>",
  "properties": "<properties>"
}

JSON Response example

The JSON representation of a connection to LDAP:

{
  "type": "LDAP",
  "properties": {
    "userPassword": "secret",
    "isPasswordEncrypted": "false",
    "user": "uid=admin,ou=system",
    "userFullnameAttribute": "displayName",
    "userGivenNameAttribute": "givenName",
    "userSurnameAttribute": "sn",
    "ldapURLForUsers": "ldap://ldapserver:10636/ou=users,ou=ags,dc=example,dc=com",
    "userEmailAttribute": "mail",
    "usernameAttribute": "uid",
    "caseSensitive": "false",
    "userSearchAttribute": "dn", 
  }
}

The JSON representation of a connection to Windows Domain users:

{
  "type": "WINDOWS",
  "properties": {
    "userPassword": "secret",
    "isPasswordEncrypted": "false",
    "user": "mydomain\\winaccount",
    "userFullnameAttribute": "displayName",
    "userEmailAttribute": "mail",
    "userGivenNameAttribute": "givenName",
    "userSurnameAttribute": "sn",
    "caseSensitive": "false"
  }
}

Feedback on this topic?

Response properties

JSON Response syntax

JSON Response example

In this topic