Defense and Intelligence

Accessing secure OGC services with ArcGIS Online

OGC services provide a great mechanism for achieving Interoperability. While OGC services are generally targeted for open environments, it is also true that many organizations disseminate “high value” information products using secure OGC protocols; secured using basic, digest or Integrated Windows authentication. In the past, ArcGIS Online had no options for dealing with these secure OGC web  services. With the latest release of ArcGIS Online, it is now possible for organizations to list these secured servers (hosting the secure ogc services) as “trusted servers”; thereby allowing members of their ArcGIS Online to conveniently add secure wms and wmts services from these trusted servers.

For example: If you have a secure OGC WMS service say –

You would then add this host name ““ to your list of trusted servers. This will allow users of your organization to now easily access secure OGC services (such as the wms service) in your mapviewer. For users of the “on premise” Portal for ArcGIS, this feature will be available in the 10.4 version.

Fundamentally, the Trusted Servers is a list of host server names you wish your organization to send credentials to when making Cross-Origin Resource Sharing (CORS) requests to access services secured with web-tier authentication. While I explained its use in the secured OGC services context, it is also THE mechanism that allow the map viewer, Web AppBuilder, and the configurable apps to now fully support editing ArcGIS feature services secured with web-tier authentication.

Since this approach relies on CORS, it is important that you use browsers that support CORS. The latest versions of Firefox, Chrome, Safari, and Internet Explorer 10 and later are CORS enabled. CORS is not supported in IE prior to version 10. To test if your browser has CORS enabled, open

Notify of
Inline Feedbacks
View all comments

Next Article

Deprecation Notice for ArcGIS GeoAnalytics Server

Read this article