SaaS Security Administrator's Guide
    : Onboard an ArcGIS App to SSPM
    Focus
    Download PDF
    Focus
    1. Home
    2. SaaS Security
    3. SaaS Security Administrator's Guide
    4. SaaS Security Posture Management
    5. Onboard SaaS Apps Supported by SSPM
    6. Onboard an ArcGIS App to SSPM
    Download PDF

    SaaS Security Administrator's Guide

    Onboard an ArcGIS App to SSPM

    Table of Contents

    Onboard an ArcGIS App to SSPM

    Connect an ArcGIS instance to SSPM to detect posture risks.
    For SSPM to detect posture risks in your ArcGIS instance, you must onboard your ArcGIS instance to SSPM. Through the onboarding process, SSPM connects to an ArcGIS API and, through the API, scans your ArcGIS instance for misconfigured settings. If there are misconfigured settings, SSPM suggests a remediation action based on best practices.
    SSPM gets access to your ArcGIS instance through OAuth 2.0 authorization. To enable OAuth 2.0 authorization, you first create an OAuth 2.0 integration application in ArcGIS before onboarding your ArcGIS instance in SSPM. During the onboarding process, you are prompted to log in to ArcGIS and to grant SSPM the access it requires.
    To onboard your ArcGIS instance, you complete the following actions:

    Collect Information for Accessing Your ArcGIS Instance

    To access your ArcGIS instance, SSPM requires the following application credentials. You will create the OAuth 2.0 integration application and provide its credentials to SSPM during the onboarding process.
    ItemDescription
    Client IDSSPM will access an ArcGIS API through an OAuth 2.0 application that you create. ArcGIS generates the Client ID to uniquely identify this application.
    Client SecretSSPM will access the ArcGIS API through an OAuth 2.0 application that you create. ArcGIS generates the Client Secret, which SSPM uses to authenticate to this application.
    As you complete the following steps, make note of the values of the items described in the preceding table. You will need to enter these values during onboarding to enable SSPM to access your ArcGIS instance.
    1. From SSPM, get a redirect URI. You will specify this redirect URI in the OAuth 2.0 application that you will create in ArcGIS. To get this information, you will begin the onboarding process in SSPM, but you will not complete the process.
      1. From the Add Application page in SSPM ( Posture SecurityApplicationsAdd Application), click the ArcGIS tile.
      2. Under posture security instances, Add Instance or, if there is already an instance configured, Add New instance.
      3. Log in with Credentials.
        A connection page for onboarding an ArcGIS instance is displayed. The Redirect URL field displays the redirect URL value.
      4. Copy the URL and paste it into a text file.
        Do not continue to the next step unless you have copied the redirect URL. You will need to specify this URL later when you are configuring your OAuth 2.0 integration application.
      5. Because you will not be completing the onboarding process until after you have gathered the necessary configuration information, return to the Apps Onboarding page.
    2. Identify the administrator account that you will use to create your OAuth 2.0 application.
      Required Permissions: The OAuth 2.0 application must be created by an ArcGIS administrator.
    3. Create your OAuth 2.0 application.
      1. Open a web browser and go to the ArcGIS Developer page at developers.arcgis.com.
      2. Log in to the administrator account that you identified earlier.
      3. From the ArcGIS Developer dashboard, navigate to the OAuth 2.0 tab to create a New Application.
      4. In the Create new application dialog, specify a name for the application and Create application.
        ArcGIS displays a configuration page for your new OAuth 2.0 application. This page contains the application credentials (Client ID and Client Secret) for your application.
      5. Copy the Client ID and Client Secret and paste them into a text file.
        Do not continue to the next step unless you have copied the Client ID and Client Secret. You must provide this information to SSPM during the onboarding process.
    4. Add the redirect URI that you obtained from SSPM to your Oauth 2.0 application.
      1. From the OAuth 2.0 tab of the ArcGIS Developer dashboard, select your OAuth 2.0 application and click View Full Credentials.
      2. Locate the Redirect URLs tile and click + Add URI .
      3. In the Add Allowed URI dialog, specify the URI that you copied from SSPM and Add URI.

    Connect SSPM to Your ArcGIS Instance

    By adding an ArcGIS app in SSPM, you enable SSPM to connect to your ArcGIS instance.
    1. From the Add Application page ( Posture SecurityApplicationsAdd Application), click the ArcGIS tile.
    2. Under posture security instances, Add Instance or, if there is already an instance configured, Add New instance.
    3. Log in with Credentials.
    4. Enter the application credentials (Client ID and Client Secret) and Connect.
      SSPM redirects you to the ArcGIS login page.
    5. Log in to the ArcGIS administrator account.
      ArcGIS displays a consent form that details the access permissions that SSPM requires.
    6. Review the consent form and allow the requested permissions.

    © 2024 Palo Alto Networks, Inc. All rights reserved.