Enterprise GIS Configuration
To access the Enterprise GIS configuration area for you Maptaskr installation
-
Navigate to the environment page, click on Maptaskr app.
Figure 1: Maptaskr App.
-
Navigate to the configuration tab under Settings from the left navigation bar.
Figure 2: Configuration Menu Item.
-
Click on the
GIS
tab to view the configuration screen as show in the figure below.noteThe first 2 sections of this screen are available even with the standard edition licensing of Maptaskr. They will be explained here for completeness.
Figure 3: Enterprise GIS Configuration Screen.
Layer Proxy
This proxy layer setting is to be utilised for accessing non Esri ArcGIS layer web services i.e., WMS/WFS/WMTS. A proxy is only required if the services attempted to be accessed require a proxy to route requests to the configured layers.
Add Proxy URL to enable layer communication over a proxy server.
Figure 4: Layer Settings.
Field | Description |
---|---|
Proxy URL | The URL of the proxy to be used by Maptaskr to access the configured layers. |
Default Opacity Level | Default opacity configuration for the layers. |
Enable Sub-Layer Selection | Turns on all the sub layers upon turning on the layer. |
Enable Layer Search | Enables the ability to perform layer searching via Maptaskr. |
Layer Security
This layer security selection is to be utilised for accessing non Esri ArcGIS layer web services i.e. WMS/WFS/WMTS. An entry here is only requires if the services attempted to be accessed requires authentication using key value pair credentials.
Figure 5: Layer Security.
To add an authentication entry for WMS/WFS?WMTS layers click Add New
, enter the required key value pair, and click Save
.
Figure 6: Create New Layer Security Item.
Figure 7: New Layer Security Item.
This Layer Security will then be available to users when configuring WMS/WFS/WMTS layers when the Key/value pair Security Layer type
is selected.
Figure 8: Security Layer Selection.
Esri ArcGIS Configuration
The following section provide an overview of how to configure integration with the desired Esri ArcGIS instance. Please see section 2 General Information & for details on supported ArcGIS versions, and prerequisites that are required to be in place before Maptaskr configuration can occur.
Reminder: This capability is only available with the Maptaskr Enterprise edition.
ArcGIS Auth Applications
This section allows admins to setup multiple authentication configuration items that can be applied to the relevant ArcGIS layer services wanting to be accessed. Maptaskr supports Basic and OAuth authentication methods.
Figure 9: ArcGIS Auth Applications.
To create a new authentication item, click Add New
and enter in the relevant authentication details required for your integration. The following sections will go through the various configuration permutations available to match your integration needs.
Basic Auth
Maptaskr highly recommends the use of OAuth where possible, however where this is not possible, Basic Auth is available for use.
Basic Authentication is primarily used for on-premises versions of ArcGIS Server. A service end point is required to be configured to connect via this authentication manner.
Figure 10: Basic Auth Setup.
Set the Type
as Basic Auth
and then enter in the appropriate details as per the table below.
Field | Description |
---|---|
Application Name | User specified name used to reference the authentication setting when configuring layer services within Maptaskr. |
Username | The username to use for accessing the layer service. |
Password | The corresponding password for the above username. |
End Point | The service endpoint configured on the Esri ArcGIS instance that Maptaskr needs to request authentication from. |
OAuth
OAuth can be used to authentication against both on-premises versions of ArcGIS, as well as ArcGIS Online (AGOL). This is the recommended authentication approach, as it provides a more secure integration mechanism.
Figure 11: OAuth Setup.
Set the Type
as OAuth
and then enter in the appropriate details as per the table below.
FIELD | DESCRIPTION |
---|---|
Application Name | User specified name used to reference the authentication setting when configuring layer services within Maptaskr. |
Client ID/Secret | Sets the OAuth configuration to utilise a Client ID & Secret combination that needs to be configured within the respective ArcGIS instance. Note: This setup only works for ArcGIS Online integration. For ArcGIS on-prem please use Username/Password or Static Tokens: Static Token Auth |
Username/Password | Sets the OAuth configuration to utilise a Username & Password combination that needs to be configured within the respective ArcGIS instance. Typical setup for ArcGIS on-prem (Enterprise/Server) integration. Though this can also be used for ArcGIS Online. This is configured via the following options - Online – Connecting to an online service Enterprise – Connecting to an on-prem service (ArcGIS Enterprise/ Server) Using this authentication method will require you to set the Enterprise End Point. See section ArcGIS User Login for details. |
Client ID | The client ID to use for accessing the service. Only available if OAuth Type set to Client ID/Secret. |
Secret | The secret to use for accessing the service. Only available if OAuth Type set to Client ID/Secret. |
Username | The username to use for accessing the service. Only available if OAuth Type set to Username/Secret. |
Password | The password to use for accessing the service. Only available if OAuth Type set to Username/Secret. |
ArcGIS User Login
In order for Maptaskr to authenticate to an on-premise
instance of ArcGIS Enterprise, an Enterprise End Point
is required.
Figure 12: ArcGIS User Login.
The Enterprise End Point
referred to in this configuration setting is the URL where the token generation service can be accessed, as outlined in ArcGIS Server documentation > Acquire ArcGIS Server tokens.
Using Landgate’s SLIP services as a publicly available example, if you go to https://services.slip.wa.gov.au/public/tokens/generateToken you will get to the token service as shown below.
Figure 13: Example ArcGIS Token Service.
Note: Accessibility to the endpoint is required from your D365 host IP range for your Maptaskr to be able to acquire the necessary token for authentication.
The Application ID is not a required field but can be used as an additional layer of security, if filled in, the Application ID is passed with every call to the REST endpoint in addition to the Token.
The above configuration will then enable you to access layers within the Maptaskr for D365.
Additional Parameters
ArcGIS layers can additionally be configured to include additional parameters in EVERY request to the Layer URL. For example, this can be useful if you have any security layers the request needs to pass through before going out to the Layer URL.
To configure Additional Parameters head into the D365 solution and edit or create an ArcGIS layer on the dashboard.
Figure 14: Configuring Additional Parameters.
In the Additional Parameters field, enter a query string for key/value pairs. These will be appended to every request for the layer.
Make sure you use the correct query string structure, or your layer may not function correctly.
Layer Authentication - Static Token Auth
ArcGIS layers can also be configured to use a static token on a per layer scope. This allows you to have a specific token for each layer and gives you the flexibility to implement your own flows that regularly refresh these tokens. When used in combination with the token refresh interval it is possible to have rolling tokens for additional security.
To configure a static token head into the D365 solution and edit or create an ArcGIS layer via the dashboard map.
Figure 15: Configuring Static Tokens.
You will need to set Static Token Auth
from the Auth Types
dropdown. This will enable the Static Token
field. Now you can enter your static token. When the portal control finds a layer with Static Token Auth enabled it will append this static token to every request for this layer.
Tip: You can implement secure server-to-server authentication by setting up a process for programmatically getting and setting this token based on the security needs of your organisation. Some customers utilise an integration service such as Power Automate or Logic App, which polls the token periodically and updates the corresponding Maptaskr layer configuration entry.
Note: If a layer is configured for Static Token Auth it will attempt to load the static token and use it for all queries regardless of the Is Authenticated
field being enabled.