arcgis.gis.admin module

Classes for administering your GIS.

The gis.admin property is dynamically set at runtime based on what kind of GIS (ArcGIS Enterprise or ArcGIS Online) an administrator connects to. For ArcGIS Online GIS, administrators will get an instance of AGOLAdminManager from the gis.admin property. For ArcGIS Enterprise GIS , administrators will get an instance of PortalAdminManager from the gis.admin property.

AGOLAdminManager

class arcgis.gis.admin.AGOLAdminManager(gis, ux=None, metadata=None, collaborations=None)

Bases: object

This is the root resource for administering your online GIS. Starting from this root, all of the GIS’s environment is organized into a hierarchy of resources and operations.

Parameter: :param gis: GIS object containing Administrative credentials :param ux: the UX object (optional) :param metadata: the metadata manager object (optional) :param collaborations: the CollaborationManager object (optional)

property category_schema

This resource allows for the setting and manipulating of category schemas.

Returns

CategoryManager object

property certificates

Provides access to managing the organization’s certificates.

Returns

CertificateManager object

property collaborations

The collaborations resource lists all collaborations in which a portal participates

Returns

CollaborationManager object

property credits

Manages the credits on a ArcGIS Online

Returns

CreditManager object

history(start_date, to_date=None, num=100, all_events=True, event_ids=None, event_types=None, actors=None, owners=None, actions=None, ips=None, sort_order='asc', data_format='csv', save_folder=None)

Returns a CSV file or Pandas’s DataFrame containing the login history from a start_date to the present.

Parameter

Description

start_date

Required datetime.datetime object. The beginning date to start with.

to_date

Optional datetime.datetime object. The ending date. If not provided, the query will attempt to obtain all records till the current date.

num

Optional Integer. The maximum number of records to return. The maximum value is 10,000 set by the ArcGIS REST API. If the value of -1 is provided it will attempt to get all records for the date range. The default is 100.

all_events

Optional Boolean. If True, all types of events are included. If False, only actions targeted by the organization are included. When exporting as csv this parameter is True.

event_id

Optional String. Filter events by specific target user name or target ID in a batch result set. It can be the ID of an item, a group, a role, a collaboration, an identity provider, and so on.

event_types

Optional String. Filter events by a comma-separated list of target types in a batch result set.

Values: a (organization), c (collaboration), cp (collaboration participate),

cpg (collaboration participate group), cw (collaboration workspace), cwp (collaboration workspace participate), g (group), i (item), idp (identity provider), inv (invitation), r (role), u (user)

actors

Optional String. Comma seperated list of usernames.

owners

Optional String. Filter events by a comma-separated list of user names who own the action targets in a batch result set.

actions

Optional String. Comma seperated list of actions to query for.

Values: add, addusers, create, delete, removeusers, share, unshare, update, failedlogin, login, and updateUsers.

ips

Optional String. Filter events by a comma-separated list of IP addresses in a batch result set.

sort_order

Optional String. Describes whether the results return in ascending or descending chronological order. The default is ascending.

Values: asc or desc

data_format

Optional String. The way the data is returned to the user. The response can be a df, csv, or ‘raw’. ‘df’ returns a DataFrame, ‘csv’ returns a comma seperated file, and ‘raw’ returns the JSON string as a dictionary.

Values: df, csv, ‘raw’

save_folder

Optional String. The save location of the CSV file.

Returns

string or pd.DataFrame or dict

property idp

This resource allows for the setting and configuration of the identity provider

Returns

IdentityProviderManager object

property license

provides a set of tools to access and manage user licenses and entitlements.

property location_tracking

The manager for Location Tracking. See LocationTrackingManager

Returns

LocationTrackingManager object

property metadata

resources to work with metadata on GIS

Returns

MetadataManager object

property password_policy

tools to manage a Site’s password policy

scheduled_tasks(item=None, active=None, user=None, types=None)

This property allows org_admins to be able to see all scheduled tasks on the enterprise

Parameter

Description

item

Optional Item. The item to query tasks about.

active

Optional Bool. Queries tasks based on active status.

user

Optional User. Search for tasks for a single user.

types

Optional String. The type of notebook execution for the item. This can be ExecuteNotebook, or UpdateInsightsWorkbook.

Returns

List of Tasks

property servers

Provides access to managing the services hosted on ArcGIS Online

Returns

AGOLServersManager

property social_providers

This resource allows for the setting and configuration of the social providers for a GIS.

Returns

SocialProviders object

property urls

returns the URLs to the Hosting and Tile Server for ArcGIS Online

property usage_reports

provides access to the usage reports of the ArcGIS Online organization

Returns

AGOLUsageReports object

property ux

returns a UX/UI manager

Returns

UX object

PortalAdminManager

class arcgis.gis.admin.PortalAdminManager(url, gis=None, **kwargs)

Bases: arcgis.gis.admin._base.BasePortalAdmin

This is the root resource for administering your portal. Starting from this root, all of the portal’s environment is organized into a hierarchy of resources and operations. A version number is returned as a part of this resource. After installation, the portal can be configured using the Create Site operation. Once initialized, the portal environment is available through System and Security resources.

Parameter

Description

url

web address to portaladmin rest API (ends with: portal//sharing/rest/)

gis

GIS object containing Administrative credentials

initialize

Optional if True, properties of REST endpoint are loaded on creation of object. False (default) means they are loaded when needed.

property category_schema

This resource allows for the setting and manipulating of category schemas.

Returns

CategoryManager object

property collaborations

The collaborations resource lists all collaborations in which a portal participates

Returns

CollaborationManager object

property federation

provides access into the federation settings of a server.

Returns

Federation object

history(start_date, num=100, save_folder=None)

Returns a CSV file containing the login history from a start_date to the present.

Parameter

Description

start_date

Required datetime.datetime object. The beginning date.

num

Optional Integer. The maximum number of records to return.

save_folder

Optional String. The save location of the CSV file.

Returns

string

property idp

This resource allows for the setting and configuration of the identity provider

Returns

IdentityProviderManager object

property info

Returns the current version and build number of the Enterprise system

Returns

dict

property license

provides a set of tools to access and manage user licenses and entitlements.

Returns

LicenseManager object

property living_atlas

provides a set of tools to manage and setup Living Atlas content.

Returns

LivingAtlas object

property location_tracking

The manager for Location Tracking. See LocationTrackingManager.

Returns

LocationTrackingManager object

property logs

returns a class to work with the portal logs

Returns

Logs object

property machines

This resource lists all the portal machines in a site. Each portal machine has a status that indicates whether the machine is ready to accept requests.

Returns

Machines object

property metadata

returns a set of tools to work with ArcGIS Enterprise metadata settings.

Returns

MetadataManager object

property mode

Gets/Set the mode of the ArcGIS Enterprise deployment. When obtaining the mode, it returns information about the current state of the system.

Key

Description

read_only

Required Boolean. A boolean that specifies whether the Enterprise portal is in read-only mode. Read-only mode will block requests to modify or create any data, including content, users, groups, or site settings. The default value is false.

message

Optional String. Sets a custom message to be displayed whenever an attempt to modify or update content or site settings is made through the API.

>>> gis.admin.mode({'read_only' : False})
>>> assert gis.admin.mode['isReadOnly'] == False
property password_policy

tools to manage a Site’s password policy

Returns

PasswordPolicy object

scheduled_tasks(item=None, active=None, user=None, types=None)

This property allows org_admins to be able to see all scheduled tasks on the enterprise

Parameter

Description

item

Optional Item. The item to query tasks about.

active

Optional Bool. Queries tasks based on active status.

user

Optional User. Search for tasks for a single user.

types

Optional String. The type of notebook execution for the item. This can be ExecuteNotebook, or UpdateInsightsWorkbook.

Returns

List of Tasks

property security

accesses the controls for the security of a local portal site

Returns

Security object

property servers

returns a server manager object

Returns

ServerManager

property site

Site is the root resources used after a local GIS is installed. Here administrators can create, export, import, and join sites.

Returns

Site object

property social_providers

This resource allows for the setting and configuration of the social providers for a GIS.

Returns

SocialProviders object

property system

This resource provides access to the ArcGIS Web Adaptor configuration, portal directories, database management server, indexing capabilities, license information, and the properties of your portal.

Returns

System object

property ux

returns a UX/UI manager with properties such as description, featured_content, name, etc.

Returns

UX object

property webhooks

Provides access to Portal’s WebHook Manager

Returns

WebhookManager object

KubernetesAdmin

class arcgis.gis.kubernetes.KubernetesAdmin(url, gis)

Bases: arcgis.gis.kubernetes._admin._base._BaseKube

Kubernetes Administration Class

property category_schema

This resource allows for the setting and manipulating of catagory schemas.

property collaborations

The collaborations resource lists all collaborations in which a portal participates

property datastores

The Datastore Manager allows the administrator to manage the registered datastores

Returns

DataStores

property jobs

This resource is a collection of the jobs (asynchronous operations) created in your deployment. When operations that support asynchronous executions are run with the async option enabled, a new job entry is created that can be queried for its current status and messages.

property license

provides a set of tools to access and manage user licenses and entitlements.

property logs

provides access to the Kubernetes Logs

property metadata

returns a set of tools to work with ArcGIS Enterprise metadata settings.

property mode
property organizations

Provides access to the Organizations settings

property overview

Provides access to the overview resource to access persisted cache or real-time information.

Returns

Overview

scheduled_tasks(item=None, active=None, user=None, types=None)

This property allows org_admins to be able to see all scheduled tasks on the enterprise

Parameter

Description

item

Optional Item. The item to query tasks about.

active

Optional Bool. Queries tasks based on active status.

user

Optional User. Search for tasks for a single user.

types

Optional String. The type of notebook execution for the item. This can be ExecuteNotebook, or UpdateInsightsWorkbook.

Returns

List of Tasks

property security

Gets an object to work with the site’s security settings

Returns

KubeSecurity

property services

Provides access to managing the services on the site

property services_catalog

Provides access to work with the services on the site

property social_providers

This resource allows for the setting and configuration of the social providers for a GIS.

property system

This is a collection of system-wide resources for your deployment such as the configuration store, licenses, and deployment-wide security.

Returns

SystemManager

property uploads

Gets an object to work with the site uploads.

property usage

Provides access to the metrics viewer and metrics API tools.

Returns

UsageStatistics

property webhooks

Provides access to Portal’s WebHook Manager

AGOLUsageReports

class arcgis.gis.admin.AGOLUsageReports(url, gis=None, initialize=True, **kwargs)

Bases: arcgis.gis.admin._base.BasePortalAdmin

Simple Usage Reports from ArcGIS Online

Note

Usage reports can contain users outside your orgnanization.

applications(start_time=None, time_frame='week')

Creates a usage report for all registered application logins for a given organization on ArcGIS Online.

Note

Reports can contain users outside your orgnanization that used the application

Parameter

Description

start_time

optional datetime, the time to step back from. If None, the current time is used.

time_frame

optional string, is the timeframe report to create. Allowed values: today, week, 14days, 30days, 60days, 90days, 6months, year

Returns

dictionary

credit(start_time=None, time_frame='week', export=False)

Creates a Report as a Panda’s dataframe or CSV file for a given time range for ArcGIS Online Organizations.

Note

Reports can contain users outside your orgnanization that consumed credits

Parameter

Description

start_time

optional datetime, the time to step back from. If None, the current time is used.

time_frame

optional string, is the timeframe report to create. Allowed values: today, week (default), 14days, 30days, 60days, 90days, 6months, year

export

optional boolean, if True, a csv is generated from the request. If False, a Panda’s dataframe is returned

Returns

string path to csv file or Panda’s Dataframe (default)

generate_report(focus='org', report_type='users', title=None, duration=None, start_time=None, notify=False, future=True)

Generates the reports of the overall usage of the organizations. Reports define organization usage metrics for either a weekly or monthly time frame.

Parameter

Description

focus

Required String. The level to perform the report on. The allowed value is only org.

report_type

Required String. The type of report to generate. The allowed values are users,`content`, or credits.

title

Optional String. The Item’s title.

duration

Optional String. This is the timeframe to generate the report on. The allowed values are: weekly or monthly.

start_time

Optional datetime.datetime. The start time to begin reporting time.

notify

Optional Boolean. The Job will print a message upon completing of the task.

future

Optional Boolean. Returns an asynchronous Job when True when False, it returns an Item.

Returns

Async Job Object or Item

users(start_time=None, time_frame='week')

Creates a usage report for all users for a given organization on ArcGIS Online.

Note

Reports can contain users outside your orgnanization that consumed credits

Parameter

Description

start_time

optional datetime, the time to step back from. If None, the current time is used.

time_frame

optional string, is the timeframe report to create. Allowed values: today, week, 14days, 30days, 60days, 90days, 6months, year

Returns

dictionary

Bundle

class arcgis.gis.admin.Bundle(url, properties=None, gis=None)

Bases: object

This represents a single instance of an application bundle

assign(users)

Assigns the current application bundle to a list of users

Parameter

Description

users

Required List. A list of user names or User objects to assign the current application bundle to.

Returns

Boolean. True if successful else False

property properties

returns the application bundles properties

revoke(users)

Revokes the current application bundle to a list of users

Parameter

Description

users

Required List. A list of user names or User objects to remove the current application bundle to.

Returns

Boolean. True if successful else False.

property users

returns a list of users assigned the application bundle

CategoryManager

class arcgis.gis.admin.CategoryManager(gis)

Bases: object

This class allows for the addition, removal and viewing of category schema.

add(items, category)

Adds a category to an existing set of items

Parameter

Description

items

Required Items. The content within a GIS that will be updated with a list of categories.

category

Required String. Assigns a category value to the items.

Returns

Dictionary indicating ‘success’ or ‘error’

>>> item = [gis.content.get("<item id 1>"),
            gis.content.get("<item id 2>")]
>>> cs = gis.admin.category_schema
>>> print(cs.add(items=[item], category="/Categories/TEST3"))
[{'results': [{'itemId': '<item id 1>', 'success': True}]},
 {'results': [{'itemId': '<item id 2>', 'success': True}]}]
categorize_item(item, categories)

Assigns or removes a category to a single item.

Parameter

Description

item

Required Item or Item ID (string). The content within a GIS that will be updated with a list of categories.

categories

Required list. Assigns a list of string values to the item’s categories

Returns

Boolean. True if successful else False

remove(items, category)

remove a category to an item or items

replace(items, old_category, new_catgory)

finds and replaces a category value with a new value one

reset(items)

deletes all the categories for a given set of items

property schema

Get/Set the catagory schema for a GIS.

When schema is used as a getter, then operation returns the GIS’ defined category schema is any.

When schema is used as a setter, the parameter:

Parameter

Description

value

optional list. The schema list. Syntax Example: [

{

“title”: “Themes”, “categories”: [

{

“title”: “Basemaps”, “categories”: [

{“title”: “Partner Basemap”}, {

“title”: “Esri Basemaps”, “categories”: [

{“title”: “Esri Redlands Basemap”}, {“title”: “Esri Highland Basemap”}

]

}

]

},

{

“title”: “Region”, “categories”: [

{“title”: “US”}, {“title”: “World”}

]

}]}]

CollaborationManager

class arcgis.gis.admin.CollaborationManager(gis, portal_id=None)

Bases: object

accept_invitation(first_name, last_name, email, invitation_file=None, invitation_JSON=None, webauth_username=None, webauth_password=None, webauth_cert_file=None, webauth_cert_password=None)

The accept_invitation operation allows a portal to accept a collaboration invitation. The invitation file received securely from the collaboration host portal must be provided. Once a guest accepts an invitation to a collaboration, it must link workspace(s) associated with the collaboration to local portal group(s). The guest must export a collaboration invitation response file and send it to the host. Once the host processes the response, content can be shared between the host and guest(s).

Parameter

Description

first_name

Required string. The first name of the contact person for the guest portal.

last_name

Required string. The last name of the contact person.

email

Required string. The email of the contact person.

invitation_file

Optional string. The invite file to upload to portal. Use either this parameter or invitation_JSON.

invitation_JSON

Optional string. The same contents as the invitation_file parameter but passed as a string. Use either this parameter or invitation_file.

webauth_username

Optional string. If the collaboration host requires web-tier authentication, optionally use this parameter to provide the host’s web-tier authentication user name.

webauth_password

Optional string. If the collaboration host requires web-tier authentication, optionally use this parameter to provide the host’s web-tier authentication password.

webauth_cert_file

Optional string. If the collaboration host requires web-tier authentication, optionally use this parameter to provide the host’s web-tier authentication certificate file.

webauth_cert_password

Optional string. If the collaboration host requires web-tier authentication, optionally use this parameter to provide the host’s web-tier authentication certificate password.

Returns

Dictionary indicating ‘success’ or ‘error’

collaborate_with(guest_gis, collaboration_name, collaboration_description)

A high level method to quickly establish a collaboration between two GIS. This method uses defaults wherever applicable and internally calls the create, accept_invitation and invite_participant methods. This method will create a new group and a new workspace in both the host and guest GIS for this collaboration. Invitation and response files created during the collaborations will be downloaded to the current working directory.

Use the other methods if you need fine-grained control over how the collaboration is set up.

Parameter

Description

guest_gis

Required GIS. GIS object of the guest org or Enterprise.

collaboration_name

Required string. A generic name for the collaboration. This name is used with prefixes such as wksp_<your_collab_name>, grp_<your_collab_name> to create the collaboration workspace and groups.

collaboration_description

Optional string. A generic description for the collaboration.

Returns

boolean

create(name, description, workspace_name, workspace_description, portal_group_id, host_contact_first_name, host_contact_last_name, host_contact_email_address, access_mode='sendAndReceive')

The create method creates a collaboration. The host of the collaboration is the portal where it is created. The initial workspace for the collaboration is also created. A portal group in the host portal is linked to the workspace. The access mode for the host portal is set. The contact information associated with the host can be specified; otherwise, the contact information for the administrator user performing the operation will be used.

Parameter

Description

name

Required string. Name of the collaboration

description

Required string. Description of the collaboration

workspace_name

Required string. The name of the initial workspace.

workspace_description

Required string. The description of the initial workspace.

portal_group_id

Required string. ID of group in the portal that will be linked with the workspace.

host_contact_first_name

Required string. The first name of the contact person for the collaboration host portal.

host_contact_last_name

Required string. The last name of the contact person for the collaboration host portal.

host_contact_email_address

Required string. The email address of the contact person for the collaboration host portal.

access_mode

Required string. The organization’s access mode to the workspace. Values: send | receive | sendAndReceive (default)

Returns

the data item is registered successfully, None otherwise

list()

gets all collaborations for a portal

validate_invitation(first_name, last_name, email, invitation_file=None, invitation_JSON=None, webauth_username=None, webauth_password=None, webauth_cert_file=None, webauth_cert_password=None)

The validate_invitation method allows a portal to validate a collaboration invitation. The invitation file received securely from the collaboration host portal must be provided. Validation checks include checking that the invitation is for the intended recipient.

Parameter

Description

first_name

Required string. The first name of the contact person for the guest portal.

last_name

Required string. The last name of the contact person.

email

Required string. The email of the contact person.

invitation_file

Optional string. The invite file to upload to portal. Use either this parameter or invitation_JSON.

invitation_JSON

Optional string. The same contents as the invitation_file parameter but passed as a string. Use either this parameter or invitation_file.

webauth_username

Optional string. If the collaboration host requires web-tier authentication, optionally use this parameter to provide the host’s web-tier authentication user name.

webauth_password

Optional string. If the collaboration host requires web-tier authentication, optionally use this parameter to provide the host’s web-tier authentication password.

webauth_cert_file

Optional string. If the collaboration host requires web-tier authentication, optionally use this parameter to provide the host’s web-tier authentication certificate file.

webauth_cert_password

Optional string. If the collaboration host requires web-tier authentication, optionally use this parameter to provide the host’s web-tier authentication certificate password.

Returns

Dictionary indicating ‘success’ or ‘error’

Collaboration

class arcgis.gis.admin.Collaboration(collab_manager, collab_id, portal_id=None)

Bases: dict

The collaboration resource returns information about the collaboration with a specified ID.

add_group_to_workspace(portal_group, workspace)
This operation adds a group to a workspace that participates in a portal-to-portal collaboration. Content shared

to the portal group is shared to other participants in the collaboration.

Parameter

Description

portal_group

Required Group of string. Group ID or object to add to the workspace.

Returns

Dictionary indicating ‘success’ or ‘error’

add_workspace(name, description, config, portal_group_id)

The add_workspace resource adds a new workspace to a portal-to-portal collaboration. Only collaboration hosts can create new workspaces.

Parameter

Description

name

Required string. The name of the workspace.

description

Required string. Brief description of the workspace.

portal_group_id

Required string. The ID of the portal group linked with the workspace.

Returns

Dictionary indicating ‘success’ or ‘error’

delete()

The delete operation deletes a portal-to-portal collaboration from the host portal. This stops any sharing set up from the collaboration. The collaboration will be removed on guest portals on the next refresh of their content based on the collaboration sharing schedule. Guests cannot delete collaborations, but they can discontinue participation in a collaboration via the removeParticipation endpoint.

delete_schedule(workspace_id)

Removes the scheduling job for synchronized items in a collaboration workspace.

Parameter

Description

workspace_id

Required string. Workspace ID to remove from the link.

Returns

Boolean. True if successful else False.

export_invitation(out_folder)

The exportInvitationResponse operation exports a collaboration invitation response file from a collaboration guest portal. The exported response file must be sent via email or through other communication channels that are established in your organization to the inviting portal’s administrator. The inviting portal’s administrator will then import your response file to complete the establishment of trust between your portals. It is important that the contents of this response file are not intercepted and tampered with by any unknown entity.

Parameter

Description

out_folder

Required string. Save location of the file.

Returns

Dictionary indicating ‘success’ or ‘error’

get_invitation(invitation_id)

The get_invitation operation returns the information about an invitation to participate in a portal-to-portal collaboration for a particular invitation with the specified ID.

get_participant(portal_id)

The participant operation provides information about the collaboration participant with a specified ID.

get_workspace(workspace_id)

The workspace resource provides information about the collaboration workspace with a specified ID.

import_invitation_response(response_file, webauth_username=None, webauth_password=None, webauth_cert_file=None, webauth_cert_password=None)

The importInvitationResponse operation imports an invitation response file from a portal collaboration guest. The operation is performed on the portal that serves as the collaboration host. Once an invitation response is imported, trust between the host and the guest is established. Sharing of content between participants can proceed from this point.

Parameter

Description

response_file

Required string. File path to the response file.

webauth_username

Optional string. If the collaboration host requires web-tier authentication, optionally use this parameter to provide the host’s web-tier authentication user name.

webauth_password

Optional string. If the collaboration host requires web-tier authentication, optionally use this parameter to provide the host’s web-tier authentication password.

webauth_cert_file

Optional string. If the collaboration host requires web-tier authentication, optionally use this parameter to provide the host’s web-tier authentication certificate file.

webauth_cert_password

Optional string. If the collaboration host requires web-tier authentication, optionally use this parameter to provide the host’s web-tier authentication certificate password.

Returns

Dictionary indicating ‘success’ or ‘error’

invalidate(invitation_id)

The invalidate operation invalidates a previously generated portal-to-portal collaboration invitation. If a guest accepts this invitation and sends an invitation response for it, the response will not import successfully on the collaboration host.

property invitations

The invitations operation returns the invitation information for all the invitations generated by a portal-to-portal collaboration host.

invite_participant(config_json, expiration=24, guest_portal_url=None, guest_gis=None, save_path=None)

As a collaboration host, once you have set up a new collaboration, you are ready to invite other portals as participants in your collaboration. The inviteParticipant operation allows you to invite other portals to your collaboration by creating an invitation file. You need to send this invitation file to the administrator of the portal you are inviting to your collaboration. This can be done via email or through other communication channels that are established in your organization. It is important that the contents of this invitation file are not intercepted and tampered with by any unknown entity. The invitation file is in the format collaboration-<guestHostDomain>.invite. The administrator of the participant will accept the invitation by importing the invitation file into their portal. Their acceptance is returned to you as another file that you must import into your portal using the import_invitation_response operation. This will establish trust between your portal and that of your participant.

Parameter

Description

config_json

Required dict. A dict containing a map of access modes for the participant in each of the collaboration workspaces. Defined as: send | receive | sendAndReceive

Example

config_json = [

{“workspace_id” : “send”}, {“workspace_id2” : “receive”}, {“workspace_id3” : “sendAndReceive”}

]

expiration

Optional integer. The time in UTC when the invitation to collaborate should expire.

guest_portal_url

Optional string. The URL of the participating org or Enterprise that you want to invite to the collaboration.

guest_gis

Optional GIS. GIS object to the guest collaboration site.

save_path

Optional string. Path to download the invitation file to.

Returns

Contents of a file that contains the invitation information

participants()

The participants resource provides information about all of the participants in a portal-to-portal collaboration.

pause_schedule(workspace_id)

Suspends the scheduling job for synchronized items in a collaboration workspace.

Parameter

Description

workspace_id

Required string. Workspace ID to remove from the link.

Returns

Boolean. True if successful else False

refresh(invitation_id)

The refresh operation refreshes a previously generated portal-to-portal collaboration invitation. The new invitation file is provided via a multipart POST response. The expiration for the invitation is extended an additional 72 hours from the current time.

Parameter

Description

invitation_id

Required string. ID of the invitation to refresh

Returns

Dictionary indicating ‘success’ or ‘error’

remove_participant(portal_id)

The remove operation allows a collaboration host to remove a participant from a portal-to-portal collaboration.

Parameter

Description

portal_id

Required string. ID of the portal to remove.

Returns

Dictionary indicating ‘success’ or ‘error’

remove_participation()

The removeParticipation operation removes collaboration participation by a guest from a collaboration, allowing a guest to exit a collaboration. This immediately disables further replication of data to and from the portal and the other collaboration participants.

The remove_portal_group_link operation removes the link between a collaboration workspace and a portal group. Replication of content discontinues when the link is removed.

Parameter

Description

workspace_id

Required string. Workspace ID to remove from the link.

Returns

Dictionary indicating ‘success’ or ‘error’

remove_workspace(workspace_id)

The delete operation deletes a collaboration workspace. This immediately disables further replication of data to and from the portal and the collaboration participants.

Parameter

Description

workspace_id

Optional string. UID of the workspace to remove from the collaboration.

Returns

Dictionary indicating ‘success’ or ‘error’

resume_schedule(workspace_id)

Resumes a paused scheduled synchronization.

Parameter

Description

workspace_id

Required string. Workspace ID to remove from the link.

Returns

Boolean. True if successful else False.

schedule(workspace_id)

Collaboration guests can use the schedule resource to return a job schedule for synchronized items in a collaboration workspace. The response is a single JSON object that represents a job schedule.

Parameter

Description

workspace_id

Required string. Workspace ID to remove from the link.

Returns

A dictionary of the job schedule

sync(workspace_id, run_async=False)

The sync endpoint is provided to allow execution of a data sync on a particular workspace. The operation is allowed on the participant that is designated to initiate sync operations as determined during trust establishment between the collaboration host and a guest participant. Typically, the guest participant is designated to initiate sync operations. Note that if a scheduled sync operation is already in progress a new sync is not started unless the current sync operation is finished.

When running sync in synchronous mode, the client will be blocked until the operation is completed. Invoking sync in synchronous mode is good for quickly syncing an item (that is not large) if the client does not want to wait for the next scheduled sync.

Asynchronous mode allows a client to get response immediately so it does not have to wait and is not blocked from performing other tasks.

Parameter

Description

workspace_id

Required string. Workspace ID to remove from the link.

run_async

Optional Boolean. When true, the job will run asynchronously.

Returns

Dictionary indicating ‘success’ or ‘error’

sync_details(workspace_id, sync_id)

Provides a detailed description of status for a selected sync ID.

Parameter

Description

workspace_id

Required string. Workspace ID to examine sync jobs.

sync_id

Required String. When a sync is performed, an ID is generated to track the status of the synchronization of the collaboration.

Returns

Dictionary indicating ‘success’ or ‘error’

sync_status(workspace_id)

Provides a status summary of each scheduled sync for items in a collaboration workspace.

Parameter

Description

workspace_id

Required string. Workspace ID to examine sync jobs.

Returns

List[Dict]

update_access_modes(portal_id, workspace_access_json)

The update_access_modes operation updates the access mode for a specific participant in a portal-to-portal collaboration.

Parameter

Description

portal_id

Required string. UID of the Portal

workspace_access_json

Required dict/string. JSON describing the participant’s access mode.

Returns

Dictionary indicating ‘success’ or ‘error’

update_collaboration(name=None, description=None, config=None)

The updateInfo operation updates certain properties of a collaboration, primarily its name, description, and configuration properties. The updates are propagated to guests when the next scheduled refresh of content occurs.

Parameter

Description

name

Optional string. Name of the collaboration

description

Optional string. The description of the collaboration

config

Optional dict. The configuration properties of the collaboration

Returns

Dictionary indicating ‘success’ or ‘error’

update_item_delete_policy(participant_id, delete_contributed_items=False, delete_received_items=False)

The participants resource provides information about all of the participants in a portal-to-portal collaboration.

Parameter

Description

participant_id

Required String. The participant unique id to update.

delete_contributed_items

Optional Boolean. When a participant leaves or deletes a collaboration, this property determines whether contributed items will be deleted or maintained.

delete_received_items

Optional Boolean. When a participant leaves or deletes a collaboration, this property determines whether received items will be deleted or maintained.

Returns

Dictionary indicating ‘success’ or ‘error’

The update_portal_group_link operation updates the group linked with a workspace for a participant in a portal-to-portal collaboration. Content shared to the portal group is shared to other participants in the collaboration.

Parameter

Description

workspace_id

Required string. UID of the workspace

portal_id

Required string. UID of the Portal

enable_realtime_sync

Optional boolean. Determines whether the content shared with the group is shared to other collaboration participants in real time, updating whenever changes are made, or whether the content is shared based on a schedule set by the collaboration host.

copy_feature_service_data

Optional boolean. Boolean value used when Feature Service data is shared in a group that is linked to a distributed collaboration workspace. When set to “true” Feature Service data will be copied to collaboration participants.

copy_by_ref_on_fail

Optional boolean. If the copy feature service data fails, and set to True, the enterprise will reference the data instead of copying it. This is supported on 10.9+.

enable_bidirectional_sync

Optional boolean. When set to true, edits to shared feature services can be allowed two-way to eligible participants. This is supported on 10.9+.

Returns

Dictionary indicating ‘success’ or ‘error’

update_schedule(workspace_id, start_time, interval=24, repeat_count=- 1)

Collaboration guests can use the schedule resource to return a job schedule for synchronized items in a collaboration workspace. The response is a single JSON object that represents a job schedule.

Parameter

Description

workspace_id

Required string. Workspace ID to remove from the link.

start_time

Required Integer. A job’s scheduled start time. The startTime is in Unix time in milliseconds. The default is the current time of the request call.

interval

Optional Integer. A positive integer that represents time (in hours) between each job trigger. The default interval is 24 hours.

repeat_count

Optional Integer. A positive integer or -1 which represents how many times to keep re-triggering this job after which it will be automatically deleted. The default is -1 which means repeat indefinitely.

Returns

Boolean. True if successful else False.

update_workspace(workspace_id, name=None, description=None, config=None, max_item_size=None, max_replication_size=None, copy_by_ref_on_fail=False)

The updateInfo operation updates certain collaboration workspace properties.

Parameter

Description

workspace_id

Required string. UID of the workspace

name

Optional string. The name of the workspace

description

Optional string. A brief set of texts that explains the workspace

config

Optional dict. The configuration details of the new workspace. Removed at 10.6.

max_item_size

Optional Integer. The maximum item size in MBs.

max_replication_size

Optional Integer. The maximum replication item size in MBs.

copy_by_ref_on_fail

Optional Boolean. Determines whether a failed attempt to copy should revert to sharing by reference. For example, in cases where the imposed size limit has been exceeded.

Returns

Dictionary indicating ‘success’ or ‘error’

validate_invitation_response(response_file)

Prior to importing a collaboration invitation response, the invitation response file can be validated by using the validate_invitation_response operation to check for the existence of the collaboration and validity of the invitation response file.

Parameter

Description

response_file

Required string. Path to the collaboration response file.

Returns

Dictionary indicating ‘success’ or ‘error’

property workspaces

The workspaces resource lists all the workspaces in a given collaboration. A workspace is a virtual space in the collaboration to which each participating portal is either sending or receiving content. Workspaces can only be created by the collaboration owner.

CreditManager

class arcgis.gis.admin.CreditManager(gis)

Bases: object

Manages an ArcGIS Online organization’s credits for users and sites

Example Usage

from arcgis.gis import GIS
gis = GIS(profile='agol_account')
cm = gis.admin.credits
cm.allocate("user1", 100)
allocate(username, credits=None)

Allows organization administrators to allocate credits for organizational users in ArcGIS Online

Parameter

Description

username

Required string.The name of the user to assign credits to.

credits

Optional float. The number of credits to assign to a user. If None is provided, it sets user to unlimited credits.

Returns

Boolean. True if successful else False

credit_usage(start_time=None, end_time=None, time_frame='week')

returns the total credit consumption for a given time period.

arguements

description

start_time

datetime.datetime object. This is the date to start at.

end_time

datetime.datetime object. This is the stop time to look for credit consumption. It needs to be at least 1 day previous than then start_time.

time_frame

Optional string. is the timeframe report to create. Allowed values: today, week (default), 14days, 30days, 60days, 90days, 6months, year

If end_time is specified, this parameter is ignored.

returns: dictionary

property credits

returns the current number of credits on the GIS

deallocate(username)

Allows organization administrators to set credit limit to umlimited for organizational users in ArcGIS Online

Parameter

Description

username

Required string.The name of the user to set to unlimited credits.

Returns

Boolean. True if successful else False

property default_limit

Gets/Sets the default credit allocation for ArcGIS Online

disable()

disables credit allocation on ArcGIS Online

enable()

enables credit allocation on ArcGIS Online

property is_enabled
Returns

A boolean that shows whether the organization has credit budgeting enabled.

License

class arcgis.gis.admin.License(gis, info)

Bases: object

Represents a single entitlement for a given organization.

Parameter

Description

gis

Required GIS, the gis connection object

info

Required dictionary, the information provided by the organization’s site containing the provision and listing information.

Returns

License object

all()

returns a list of all usernames and their entitlements for this license

assign(username, entitlements, suppress_email=True, overwrite=True)

grants a user an entitlement.

Parameter

Description

username

Required string, the name of the user you wish to assign an entitlement to.

entitlements

Required list of strings or strings, of entitlements values.

suppress_email

Optional boolean, if True, the org will not notify a user that their entitlements has changed (default) If False, the org will send an email notifying a user that their entitlements have changed.

overwrite

Optional boolean, if True, existing entitlements for the user are dropped

Returns

Boolean. True if successful else False.

check(user)

Checks if the entitlement is assigned or not.

Parameter

Description

user

Required string, the name of the user you want to examine the entitlements for.

Returns

list

plot()

returns a simple bar chart of assigned and remaining entitlements

property properties
property report

returns a Panda’s Dataframe of the licensing count.

revoke(username, entitlements, suppress_email=True)

removes a specific license from a given entitlement

Parameter

Description

username

Required string, the name of the user you wish to assign an entitlement to.

entitlments

Required list of strings or string, a list of entitlements values, if * is given, all entitlements will be revoked

suppress_email

Optional boolean, if True, the org will not notify a user that their entitlements has changed (default) If False, the org will send an email notifying a user that their entitlements have changed.

Returns

boolean

user_entitlement(username)

Checks if a user has the entitlement assigned to them

Parameter

Description

username

Required string, the name of the user you want to examine the entitlements for.

Returns

dictionary

LicenseManager

class arcgis.gis.admin.LicenseManager(url, gis=None, initialize=True, **kwargs)

Bases: arcgis.gis.admin._base.BasePortalAdmin

Provides tools to work and manage licenses in ArcGIS Online and ArcGIS Enterprise (Portal)

Parameter

Description

url

required string, the web address of the site to manage licenses. example: https://<org url>/<wa>/sharing/rest/portals/self/purchases

gis

required GIS, the gis connection object

Returns

LicenseManager Object

all()

Returns all Licenses registered with an organization

Returns

List of License objects

property bundles

Returns a list of Application Bundles for an Organization

Returns

List of Bundle objects

get(name)

Retrieves a license by it’s name (title)

Parameter

Description

name

required string, name of the entitlement to locate on the organization. example: name=”arcgis pro”

Returns

List of License objects

property offline_pro

Administrators can get/set the disconnect settings for the ArcGIS Pro licensing. A value of True means that a user can check out a license from the enterprise inorder to use it in a disconnected setting. By setting offline_pro to False, the enterprise users cannot check out licenses to work in a disconnected setting for ArcGIS Pro.

Parameter

Description

value

Required bool. Value: True | False

Returns

Boolean

provisions(user, all_available=False, included_expired=True, return_client_ids=False)

Allows administrators to manage a user’s list of provsional Add-On Licenses.

LivingAtlas

class arcgis.gis.admin.LivingAtlas(url, gis)

Living Atlas of the World content is a collection of authoritative, ready-to-use, global geographic content available from ArcGIS Online. The content includes valuable maps, data layers, tools, services and apps for geographic analysis. When you make Living Atlas content available to your portal members, you’re providing them with ready-made content that they can use alone or in combination with their own content to create maps, scenes, and apps and perform analysis in the portal Map Viewer or Insights for ArcGIS.

Note

Your portal must have access to the Internet to use Living Atlas content from ArcGIS Online

Types of content available All the Living Atlas content you access from Portal for ArcGIS was created by Esri. If your portal can connect to the Internet, the following three levels of Living Atlas content are available to you from ArcGIS Online:

Content Type

Description

Default

Content that does not require you to sign in to an ArcGIS Online account. Available by default in ArcGIS Enterprise.

Subscriber

Subscriber content is the collection of ready-to-use map layers, analytic tools, and services published by Esri that requires an ArcGIS Online organizational subscription account to access. This includes layers from Esri such as Landsat 8 imagery, NAIP imagery, landscape analysis layers, and historical maps. Subscriber content is provided as part of your organizational subscription and does not consume any credits.

Premium

Premium content is a type of subscriber content that requires an ArcGIS Online organizational subscription account to access and consumes credits. Access and credit information is listed in the description details for each item. Premium content provides portal members with access to ready-to-use content such as demographic and lifestyle maps as well as tools for geocoding, geoenrichment, network analysis, elevation analysis, and spatial analysis.

See Configure Living Atlas content: Types of Content Available for complete details.

Portal administrators do not need to create this class directly in most circumstances. Instead, first access the PortalAdminManager using the admin property of the GIS. Then use the living_atlas property to return a LivingAtlas object.

ent_living_atlas = gis.admin.living_atlas

To create an instance directly:

Parameter

Description

url

required string, the web address of the site to manage licenses.

gis

required GIS object.

ent_living_atlas = LivingAtlas(url="https://portal_url/web_adaptor/portaladmin/system/content/livingatlas"
                               gis=gis)
disable_premium_atlas()

Disables the Premium Living Atlas Content for a local portal.

>>> living_atlas = gis.admin.living_atlas

>>> living_atlas.disable_premium_atlas()

    True

>>> living_atlas.status(liv_atl_group)

    {'publicContentEnabled': True,
     'subscriberContentEnabled': True,
     'premiumContentEnabled': False,
     'publicContentShared': True,
     'subscriberContentShared': True,
     'premiumContentShared': False,
     'subscriberContentUsername': 'demos_deldev',
     'subscriberUserValid': 'Valid',
     'premiumContentUsername': None,
     'premiumUserValid': 'UnKnown',
     'upgraded': True}
disable_public_access()

Disables the Public Living Atlas content.

Returns

Boolean. True means disabled, False means failure to disable.

disable_subscriber_atlas()

Disables the Subscriber level Living Atlas Content for a local portal.

enable_premium_atlas(username, password)

Enables the Premium Living Atlas Content for a local portal.

Premium content is a type of subscriber content that requires an ArcGIS Online organizational subscription account to access and consumes credits. Access and credit information is listed in the description details for each item. Premium content provides portal members with access to ready-to-use content such as demographic and lifestyle maps as well as tools for geocoding, geoenrichment, network analysis, elevation analysis, and spatial analysis.

Parameter

Description

username

required string, username for ArcGIS Online

password

required string, login password for ArcGIS Online account

Note

This will cost you credits.

>>> ent_living_atlas = gis.admin.living_atlas

>>> liv_atl_groups = ent_living_atlas.groups
>>> liv_atl_groups

    [<Group title:"Living Atlas" owner:esri_livingatlas>,
     <Group title:"Living Atlas Analysis Layers" owner:esri_livingatlas>]

>>> liv_atl_group = liv_atl_groups[0]

>>> living_atlas.status(liv_atl_group)

     {'publicContentEnabled': True,
      'subscriberContentEnabled': True,
      'premiumContentEnabled': False,
      'publicContentShared': True,
      'subscriberContentShared': True,
      'premiumContentShared': False,
      'subscriberContentUsername': 'demos_deldev',
      'subscriberUserValid': 'Valid',
      'premiumContentUsername': None,
      'premiumUserValid': 'UnKnown',
      'upgraded': True}

>>> living_atlas.enable_premium_atlas("org_admin",
                                      "org_admin_password")

       True

>>> living_atlas.status(liv_atl_group)

     {'publicContentEnabled': True,
      'subscriberContentEnabled': True,
      'premiumContentEnabled': True,
      'publicContentShared': True,
      'subscriberContentShared': True,
      'premiumContentShared': True,
      'subscriberContentUsername': 'demos_deldev',
      'subscriberUserValid': 'Valid',
      'premiumContentUsername': 'arcgispyapibot',
      'premiumUserValid': 'InValid',
      'upgraded': True}
enable_public_access()

Enables the Public Living Atlas content.

Living Atlas of the World content is a collection of authoritative, ready-to-use, global geographic content available from ArcGIS Online. The content includes valuable maps, data layers, tools, services and apps for geographic analysis.

Returns

Boolean. True if enabled. False if failed to enable.

enable_subscriber_atlas(username, password)

Enables the Subscriber level Living Atlas Content for an ArcGIS Enterprise portal.

Subscriber content is the collection of ready-to-use map layers, analytic tools, and services published by Esri that requires an ArcGIS Online organizational subscription account to access. This includes layers from Esri such as Landsat 8 imagery, NAIP imagery, landscape analysis layers, and historical maps. Subscriber content is provided as part of your organizational subscription and does not consume any credits. Layers included in the Living Atlas subscriber content are suitable for use with analysis tools.

Parameter

Description

username

required string, username for ArcGIS Online

password

required string, login password for the specific ArcGIS Online account

Note

Use of these layers will not incur a credit cost for your organization.

property groups

returns a list of all living atlas groups

status(group)

Returns information about the sharing status of the Living Atlas with the group.

Parameter

Description

group

required string or Group object

>>> ent_living_atlas = gis.admin.living_atlas

>>> liv_atl_groups = ent_living_atlas.groups
>>> liv_atl_groups

    [<Group title:"Living Atlas" owner:esri_livingatlas>,
     <Group title:"Living Atlas Analysis Layers" owner:esri_livingatlas>]

>>> liv_atl_group = liv_atl_groups[0]

>>> living_atlas.status(liv_atl_group)

     {'publicContentEnabled': True,
      'subscriberContentEnabled': True,
      'premiumContentEnabled': False,
      'publicContentShared': True,
      'subscriberContentShared': True,
      'premiumContentShared': False,
      'subscriberContentUsername': 'demos_deldev',
      'subscriberUserValid': 'Valid',
      'premiumContentUsername': None,
      'premiumUserValid': 'UnKnown',
      'upgraded': True}
update_premium_account(username, password)

Updates the Username/Password for the Living Atlas Premium User. The account must be an ArcGIS Online account.

Parameter

Description

username

Required string. The user who will be used for to access the subscriber Living Atlas content.

password

Required string. The credentials for the user above.

Returns

Boolean. True if successful else False.

update_subscriber_account(username, password)

Updates the Username/Password for the Living Atlas Subscriber User. The account must be an ArcGIS Online account.

Parameter

Description

username

Required string. The user who will be used for to access the subscriber Living Atlas content.

password

Required string. The credentials for the user above.

Returns

Boolean. True if successful else False.

upgrade()

Upgrades the Living Atlas Group to the latest version of the Living Atlas data. See Living Atlas content life cycles and updates for details.

Returns

Boolean

validate_credentials(username, password, online_url=None)

Ensures the arguments contain valid credentials to access an active ArcGIS Online Organization.

Parameter

Description

username

required string, username for ArcGIS Online

password

required string, login password for ArcGIS Online account

online_url

optional string, Url to ArcGIS Online site. default is https://www.arcgis.com

Returns

Boolean. True if successful else False.

IdentityProviderManager

class arcgis.gis.admin.IdentityProviderManager(gis=None)

Bases: object

Manages and Updates the SAML identity provider configuration for a given GIS.

property configuration

Gets, updates, or Adds a SAML provider

Arguement

Value

value

required dictionary. This property sets, updates or deletes an IDP configuration for a given GIS.

To configure an IDP, provide the key/value Example:

idp.configuration = {‘name’ : ‘Enterprise IDP’, ‘idpMetadataFile’ : ‘metadata.xml’}

Once a site has been configured to use IDP, the configuration can be updated by passing in the key/value pair dictionary. Example:

idp.configuration = {‘name’ : ‘Acme IDP Login’}

To erase an IDP configuration, set the value to None Example:

idp.configuration = None

Everytime the IDP configuration is updated, the changes can be seen by calling the ‘configuration’ property and the new results will be returned as a dictionary.

Key:Value Dictionary for Argument value

Key

Value

bindingPostUrl

Optional string. If the idpMetadataFile isn’t specified when an administrator, this parameter is required. It is federated identity provider post url.

bindingUrl

Optional string. If the idpMetadataFile isn’t specified when an administrator, this parameter is required. It is federated identity provider url that we have to redirect the user to login to.

certificate

Optional string. the X509Certificate that needs to be used to validate the SamlResponse from the identity provider.

encryptionCertificate

Optional string. the X509Certificate that needs to be used to validate the SamlResponse from the identity provider.

encryptionSupported

Optional bool. Tells is the SAML provider supports encryption.

entityId

Optional string. Name of the entity ID.

groups

Optional list. List of group ids that users will be put in on when they signup to join the GIS.

id

Optional string. unique identifier of the IDP provider.

idpMetadataFile

Optional string. In the case the URL is not accessible, then the same IDP Metadata file can be uploaded.

level

Optional integer. Either value 1 or 2. The default level a user will be created as. The default is 2.

logoutUrl

Optional string. The logout SAML url.

name

Optional string. It is the name of the organization’s federated identity provider. This is also the name we show up in the Signin page.

roleId

Optional string. Default role new users will be.

signUpMode

Optional string. This is how new users are added to the GIS. There are two modes: Invitation, Automatic Invitation user needs to get an invitation and then signin through federated identity provider. With Automatic all users that signin through the federated identity provider will be added as a user. The privilege/role is set to ‘user’ Default is Invitation.

supportSignedRequest

Optional boolean. Determines if signed requests are supported from the provider.

supportsLogoutRequest

Optional boolean. Determines if logout requests are accepted.

updateProfileAtSignin

Optional boolean. If True, users have to update the profile.

useSHA256

Optional boolean. If set to true, SHA256 encryption will be used.

userCreditAssignment

Optional integer. Assigns a set number of credits to new users. The default is -1 (infinite).

property properties

returns the properties of the IDP configuration

PasswordPolicy

class arcgis.gis.admin.PasswordPolicy(url, gis=None, **kwargs)

Bases: arcgis.gis.admin._base.BasePortalAdmin

Manages a GIS Security Policy. Administrators can view, update or reset the site’s security policy.

property policy

gets/sets the current security policy

reset()

resets the security policy to the default install settings

PortalResourceManager

class arcgis.gis.admin.PortalResourceManager(gis)

Bases: object

Helper class to manage a GIS’ resources

Parameter

Description

gis

required GIS, connection to ArcGIS Online or ArcGIS Enterprise

add(key=None, path=None, text=None, **kwargs)

The add resource operation allows the administrator to add a file resource, for example, the organization’s logo or custom banner. The resource can be used by any member of the organization. File resources use storage space from your quota and are scanned for viruses.

Parameter

Description

key

optional string, look up key for file

path

optional string, file path to the local resource to upload

text

optional string, text value to add to the site’s resources

access

optional string, sets the access level for the resource. The default is ‘public’. Values: public, org, orgprivate

Returns

boolean

delete(key)

The Remove Resource operation allows the administrator to remove a file resource.

Parameter

Description

key

optional string, look up key for file to delete

Returns

boolean

get(resource_name, download_path=None)

Download or get a portal resource item

Parameter

Description

resource_name

optional string, key/name of data

download_path

optional string, save folder location

Returns

path to data or raw data if not file.

list(start=1, num=100)

returns a list of resources uploaded to portal. The items can be images, files and other content used to stylize and modify a portal’s appearance.

Parameter

Description

start

optional int, start location of the search. The default is a value of 1

num

optional int, the number of search results to return at one time. The value ranges between 1-100 (max). Default: 100

Returns

boolean

UX

class arcgis.gis.admin.UX(gis)

Bases: object

Helper class for modifying common org settings. This class is not created by users directly. An instance of the class, called ‘ux’, is available as a property of the GIS object. Users call methods on this ‘ux’ object to set informational banner, background, logo, name etc. There are also other helper classes to call from this. By calling the ‘org_map_editor’ or ‘homepage_editor’ more methods can be found to change org settings specific to those categories.

property admin_contacts

An array of chosen administrators listed as points of contact whose email addresses will be listed as points of contact in the automatic email notifications sent to org members when they request password resets, help with their user names, modifications to their accounts, or any issues related to the allocation of credits to their accounts.

Get and set the contact link for the site.

property default_basemap

Deprecated since version 2.1.0: This was removed in 3.0.0.

Get/Set the site’s default basemap.

The Default Basemap opens when users click New Map. Set the group in the Basemap Gallery above and choose the map to open. It will open at the default extent you set.

Parameter

Description

basemap

Required string. The new default basemap to set. If None, the default value will be set.

Returns

dictionary

property default_extent

Deprecated since version 2.1.0: This was removed in 3.0.0.

Get/Set the site’s default extent

Parameter

Description

extent

Required dictionary. The default extent defines where a webmap will open. If a value of None is given, the default extent will be provided. Example Extent (default): {“type”:”extent”,”xmin”:-17999999.999994524,”ymin”:-11999999.999991827, “xmax”:17999999.999994524,”ymax”:15999999.999982955, “spatialReference”:{“wkid”:102100}}

Returns

dictionary

property description

Get/Set the site’s description.

Parameter

Description

description

Required string. Descriptive text of the site. If None, the value is reset to default.

Returns

dictionary

property description_visibility

Get/Set the site’s description visibility

Parameter

Description

visiblity

Required boolean. If True, the desciptive text will show on the home page. If False, the descriptive text will not be displayed

Returns

boolean or error

property enable_comments

Deprecated since version 2.1.0: This was removed in 3.0.0.

Get/Set item commenting and comments.

Parameter

Description

enable

Optional boolean. If True, the comments for the site are turned on. False will disable comments (default)

Returns

True if enabled, False if disabled

property featured_content

Gets/Sets the featured content group information.

Parameter

Description

content

Required dictionary, defines the group and count of the feature content area on an organizational site. A value of None will reset the value back to the install defaults. Example: {‘group’: <group id>, ‘count’ : 12}

Returns

dictionary

property gallery_group

The gallery highlights your organization’s content. Choose a group whose content will be shown in the gallery. To change the group, assign either an instance of Group or the group id. Setting to None will revert to default.

Returns

An instance of Group if a group is set, else the default or None

get_background(download_path)

Deprecated since version 2.1.0: This was removed in 3.0.0.

Get your organization’s home page background image. You can use the set_background() method to set an image as the home page background image.

For more information, refer to http://server.arcgis.com/en/portal/latest/administer/windows/configure-home.htm

Parameter

Description

download_path

required string. Folder path to download the background file.

Returns

Path to downloaded background file. If None, then background is not set and nothing was downloaded.

get_banner(download_path)

Deprecated since version 2.1.0: This was removed in 3.0.0.

Get your organization’s home page banner image. You can use the set_banner() method to set an image or custom HTML code as your banner.

Note

This method has been replaced with the get_informational_banner method.

Parameter

Description

download_path

required string. Folder path to download the banner file.

Returns

Path to downloaded banner file. If None, then banner is not set and nothing was downloaded.

Get your organization’s logo/thumbnail. You can use the set_logo() method to set an image as your logo.

Parameter

Description

download_path

required string. Folder path to download the logo file.

Returns

Path to downloaded logo file. If None, then logo is not set and nothing was downloaded.

property help_source

Toggle if the help source is turned on (True) or off (False). It provides the base URL for your organization’s help documentation.

property homepage_settings

Get an instance of the HomePageSettings class to make edits to the org’s homepage such as the background, title, logo, etc.

property item_settings

Get an instance of the ItemSettings class to make edits to the org’s default map settings such as comments, metadata, etc.

property map_settings

Get an instance of the MapSettings class to make edits to the org’s default map settings such as extent, basemap, etc.

property name

Get/Set the site’s name.

Parameter

Description

name

required string. Name of the site.

Returns

string of the name of the site

navigation_bar(gallery=None, map=None, scene=None, groups=None, search=None)

Set the visibility of the content in the navigation bar. To get the current navigation bar settings do not pass in any values for the parameters.

Note

The Home link is always visible to everyone. The Content link is always visible to members. Member roles determine Organization link visibility.

Parameter

Description

gallery

Optional string. Values: “all” | “members” | “noOne”

map

Optional string. Values: “all” | “members” | “mapCreators”

scene

Optional string. Values: “all” | “members” | “sceneCreators”

groups

Optional string. Values: “all” | “members”

search

Optional string. Values: “all” | “members”

Returns

Dictionary of the navigation bar and it’s settings.

property security_settings

Get an instance of the SecuritySettings class to make edits to the org’s default map settings such as informational banner, password policy, etc.

set_background(background_file=None, is_built_in=True)

Deprecated since version 2.1.0: This was removed in 3.0.0.

Configure your home page by setting the organization’s background image. You can choose no image, a built-in image or upload your own. If you upload your own image, the image is positioned at the top and center of the page. The image repeats horizontally if it is smaller than the browser or device window. For best results, if you want a single, nonrepeating background image, the image should be 1,920 pixels wide (or smaller if your users are on smaller screens). The website does not resize the image. You can upload a file up to 1 MB in size.

For more information, refer to http://server.arcgis.com/en/portal/latest/administer/windows/configure-home.htm

Parameter

Description

background_file

Optional string. If using a custom background, specify path to image file. To remove an existing background, specify None for this argument and False for is_built_in argument.

is_built_in

Optional bool, default=True. The built-in background is set by default. If uploading a custom image, this parameter is ignored.

Returns

True | False

set_banner(banner_file=None, is_built_in=False, custom_html=None)

Deprecated since version 2.1.0: This was removed in 3.0.0.

Configure your home page by setting the organization’s banner. You can choose one of the 5 built-in banners or upload your own. For best results the dimensions of the banner image should be 960 x 180 pixels. You can also specify a custom html for how the banner space should appear. For more information, refer to http://server.arcgis.com/en/portal/latest/administer/windows/configure-home.htm

Note

This has now been replaced by the set_informational_banner method

Parameter

Description

banner_file

Optional string. If uploading a custom banner, then path to the banner file. If using a built-in banner, valid values are banner-1, banner-2, banner-3, banner-4, banner-5. If None, existing banner is remove.

is_built_in

Optional bool, default=False. Specify True if using a built-in banner file.

custom_html

Optional string. Specify exactly how the banner should appear in html. For help on this, refer to http://server.arcgis.com/en/portal/latest/administer/windows/supported-html.htm

Returns

True | False

Configure your home page by setting the organization’s logo image. For best results the logo file should be 65 x 65 pixels in dimension.

For more information, refer to http://server.arcgis.com/en/portal/latest/administer/windows/configure-general.htm

Parameter

Description

logo_file

Optional string. Specify path to image file. If None, existing thumbnail is removed.

show_logo

Optional bool. Specify whether the logo is visible on the homepage or not.

Returns

True | False

set_org_language(language, format=None)

Choose the default language for members of your organization. This choice affects the user interface as well as the way time, date, and numerical values appear. Individual members can customize this choice on their settings page.

Parameter

Description

language

Required string. To see all available languages, use the languages property in the GIS class.

format

Optional string. Determine the culture format to be used depending on the language. To see the culture formats available, use the languages property in the GIS class and look at the ‘cultureFormats’ key for each language.

Returns

True | False

shared_theme(header=None, button=None, body=None, logo=None)

Use the shared theme to apply your organization’s brand colors and logo to information products created from ArcGIS Configurable Apps templates, Web AppBuilder, and Enterprise Sites. To see the current settings, call the method with no parameters passed in.

Parameter

Description

header

Optional dict. Composed of two keys: “background” and “text” that determine the shared theme color for each of these keys. Color can be passed in a hexadecimal string.

ex: header = {“background” : “#0d7bba”, “text” : “#000000”}

button

Optional dict. Composed of two keys: “background” and “text” that determine the shared theme color for each of these keys.

body

Optional dict. Composed of three keys: “background”, “text” and “link” that determine the shared theme color for each of these keys.

logo

Optional str. The file path or link to the image that will be uploaded as the shared theme logo. To remove the logo and not replace it then pass in: “”

Returns

Dictionary of the shared theme that is set on the org.

property summary

Allows the get/setting of a brief summary to describe your organization on the sign in page associated with its custom apps and sites. This summary has a maximum of 310 characters.

Parameter

Description

text

Required string. The brief description of the organization.

Returns

string

property vector_basemap

Deprecated since version 2.1.0: This was removed in 3.0.0.

Get/Set the default vector basemap

Parameter

Description

basemap

required dictionary. The new default vector basemap to set for a given site.

Returns

The current default vector basemap

EmailManager

class arcgis.gis.admin.EmailManager(url, gis=None, **kwargs)

Bases: arcgis.gis.admin._base.BasePortalAdmin

delete()

Deletes the current email configuration

Returns

Boolean. True if successful else False.

test(email)

Sends a test email to a provided email account to ensure the configuration is correct.

Parameter

Description

email

Required String. The test email to send to.

Returns

Boolean. True if successful else False.

update(server, from_email, require_auth, email_label=None, port=25, encryption='SSL', username=None, password=None)

Configures the Email Server for Portal

Parameter

Description

server

Required String. The email address

from_email

Required String. The email address the email originates from.

require_auth

Required Boolean. If True, the smtp requires authentication and the username and password must be provided. If False, no authentication is needed for the smtp server.

email_label

Optional String. The email label.

port

Optional Integer. The port number for the smtp server.

encryption

Optional String. The encryption method used for the email server. The allowed values are: SSL, TLS, or NONE.

username

Optional String. The username to use to login to the smtp server.

Password

Optional String. The password to use to login to the smtp server.

Returns

Boolean. True if successful else False.

Federation

class arcgis.gis.admin.Federation(url, gis)

Bases: arcgis.gis.admin._base.BasePortalAdmin

This resource returns information about the ArcGIS Servers registered with Portal for ArcGIS.

federate(url, admin_url, username, password)

This operation enables ArcGIS Servers to be federated with Portal for ArcGIS.

Parameter

Description

url:

Required string. The URL of the GIS server used by external users when accessing the ArcGIS Server site. If the site includes the Web Adaptor, the URL includes the Web Adaptor address, for example, https://webadaptor.domain.com/arcgis. If you’ve added ArcGIS Server to your organization’s reverse proxy server, the URL is the reverse proxy server address (for example, https://reverseproxy.domain.com/myorg). Note that the federation operation will perform a validation check to determine if the provided URL is accessible from the server site. If the resulting validation check fails, a warning will be generated in the Portal for ArcGIS logs. However, federation will not fail if the URL is not validated, as the URL may not be accessible from the server site, such as is the case when the server site is behind a firewall.

admin_url

Required string. The URL used for accessing ArcGIS Server when performing administrative operations on the internal network, for example, https://gisserver.domain.com:6443/arcgis.

username

Required string. The username of the primary site administrator account

password

Required string. password of the username above.

Returns

Dictionary indicating ‘success’ or ‘error’

property servers

This resource returns detailed information about the ArcGIS Servers registered with Portal for ArcGIS, such as the ID of the server, name of the server, ArcGIS Web Adaptor URL, administration URL, and if the server is set as a hosting server.

unfederate(server_id)

This operation unfederates an ArcGIS Server from Portal for ArcGIS.

Parameter

Description

server_id

Required string. The unique ID of the server

Returns

Boolean. True if successful else False.

update(server_id, role, function=None)

This operation allows you to set an ArcGIS Server federated with Portal for ArcGIS as the hosting server or to enforce fine-grained access control to a federated server. You can also remove hosting server status from an ArcGIS Server. You can also remove hosting server status from an ArcGIS Server. To set a hosting server, an enterprise geodatabase must be registered as a managed database with the ArcGIS Server.

Parameter

Description

server_id

Required string. The unique ID of the server

role

Required string. Whether the server is a hosting server for the portal, a federated server, or a server with restricted access to publishing. The allowed values are: FEDERATED_SERVER, FEDERATED_SERVER_WITH_RESTRICTED_PUBLISHING, or HOSTING_SERVER.

function

Optional string. This is the purpose of the ArcGIS Server. Values are: GeoAnalytics, RasterAnalytics, ImageHosting, NotebookServer, MissionServer, WorkflowManager, or None

Returns

Dictionary indicating ‘success’ or ‘error’

validate(server_id)

This operation provides status information about a specific ArcGIS Server federated with Portal for ArcGIS.

Parameter

Description

server_id

Required string. The unique ID of the server

Returns

Dictionary

validate_all()

This operation returns information on the status of ArcGIS Servers registered with Portal for ArcGIS.

Indexer

class arcgis.gis.admin.Indexer(url, gis=None, **kwargs)

Bases: arcgis.gis.admin._base.BasePortalAdmin

This resource contains connection information to the default indexing service.

reconfigure()

This operation recreates the index service metadata, schema, and data in the event it becomes corrupted.

Returns

Boolean

reindex(mode, includes=None)

The operation allows you to generate or update the indexes for content, such as users, groups, and items stored in the database store.

Parameter

Description

mode

Required String. The mode in which the indexer should run. Values: USER_MODE, GROUP_MODE, SEARCH_MODE, or FULL_MODE

includes

Optional String. A comma separated list of elements to include in the index. This is useful if you want to only index certain items or user accounts.

Returns

Boolean

property status

status allows you to view the status of the indexing service. You can view the number of users, groups, and search items in both the database (store) and the index. If the database and index do not match, indexing is either in progress or there is a problem with the index. It is recommended that you reindex to correct any issues. If indexing is in progress, you can monitor the status by refreshing the page.

Returns

dict

Logs

class arcgis.gis.admin.Logs(url, gis)

Bases: arcgis.gis.admin._base.BasePortalAdmin

Logs are records written by various components of the portal. You can query the logs, clean the logs, and edit log settings.

Parameter

Description

gis

required GIS, portal connection object

url

required string, web address of the log resource

clean()

Deletes all the log files on the machine hosting Portal for ArcGIS. This operation allows you to free up disk space. The logs cannot be recovered after executing this operation.

USAGE: Clean logs from your Portal Admin API

from arcgis.gis import GIS
gis = GIS("https://yourportal.com/portal", "portaladmin", "password")
logs = gis.admin.logs
resp = logs.clean()
print(resp)

# Output
True
Returns

Boolean True or False depicting success

query(start_time, end_time=None, level='WARNING', query_filter='*', page_size=1000)

The query operation allows you to aggregate, filter, and page through logs written by the portal.

Parameter

Description

start_time

required datetime/float. The most recent time to query.

Local date corresponding to the POSIX timestamp, such as is returned by time.time(). This may raise OverflowError, if the timestamp is out of the range of values supported by the platform. It’s common for this to be restricted to years from 1970 through 2038. Time can be specified as a portal timestamp (format in “%Y-%m-%dT%H:%M:%S”) or in seconds since UNIX epoch. For :Examples: Datetime Object: datetime.datetime.now() Timestamp: “2015-08-01T15:17:20,123” Seconds: 1312237040.123/time.time() Default: datetime.datetime.now()

end_time

optional datetime/float, The oldest time to include in the result set. You can use this to limit the query to the last number of minutes, hours, days, months, and years as needed.

Local date corresponding to the POSIX timestamp, such as is returned by time.time(). This may raise OverflowError, if the timestamp is out of the range of values supported by the platform. It’s common for this to be restricted to years from 1970 through 2038.

Datetime Object: datetime.datetime.now() Timestamp: “2015-08-01T15:17:20,123” Seconds: 1312237040.123/time.time() Default: datetime.datetime.now()

level

optional string, Can be one of [OFF, SEVERE, WARNING, INFO, FINE, VERBOSE, DEBUG]. Returns only records with a log level at or more severe than the level specified. Default: WARNING

query_filter

optional dict, Filtering is allowed by any combination of codes, users, and source components. The filter accepts a comma delimited list of filter definitions. If any definition is omitted, it defaults to all (“*”). :Example:

{“codes”:[204000-205999,212015,219114], “users”:[“admin”,”jcho”], “source”: [“PORTAL ADMIN”]}

The source of logged events are generated from the sharing, administrative, and portal components of the software. For example:

  • Events related to publishing and users are categorized under SHARING.

  • Events related to security and indexing are categorized under PORTAL ADMIN.

  • Events related to installing the software are categorized under PORTAL.

page_size

optional integer, the number of log records to return. The default is 1000

Returns

dictionary of messages

property settings

Get/Set the current log settings for the portal.

Parameter

Description

value

required dictionary, the dictionary of the log settings

USAGE: Print out the Log Settings

from arcgis.gis import GIS
gis = GIS("https://yourportal.com/portal", "portaladmin", "password")
logs = gis.admin.logs
logsettings = logs.settings
for key, value in dict(logsettings).items():
    print("{} : {}".format(key, value))

# Output
logDir : C:\arcgisportal\logs
logLevel : INFO
maxErrorReportsCount : 10
maxLogFileAge : 90
usageMeteringEnabled : False
Returns

Dictionary of key/value pairs of log settings

Machines

class arcgis.gis.admin.Machines(url, gis, portaladmin, **kwargs)

Bases: arcgis.gis.admin._base.BasePortalAdmin

This resource lists all the portal machines in a site. Each portal machine has a status that indicates whether the machine is ready to accept requests.

get(name)

allows for retrieval of a single instance of Machine by it’s registered name.

list()

provides a list of all registered machines with the local GIS

Security

class arcgis.gis.admin.Security(url, gis=None, **kwargs)

This resource is an umbrella for a collection of system-wide resources for your portal. This resource provides access to the ArcGIS Web Adaptor configuration, portal directories, database management server, indexing capabilities, license information, and the properties of your portal.

property config

This operation can be used to update the portal’s security settings such as whether or not enterprise accounts are automatically registered as members of your ArcGIS organization the first time they accesses the portal. The security configuration is stored as a collection of properties in a JSON object. The following properties are supported:

  • enableAutomaticAccountCreation

  • disableServicesDirectory

  • defaultRoleForUser (introduced at ArcGIS 10.4)

The automatic account creation flag (enableAutomaticAccountCreation) determines the behavior for unregistered enterprise accounts the first time they access the portal. When the value for this property is set to false, first time users are not automatically registered as members of your ArcGIS organization, and have the same access privileges as other nonmembers. For these accounts to sign in, an administrator must register the enterprise accounts using the Create User operation. The default value for the enableAutomaticAccountCreation property is false. When this value is set to true, portal will add enterprise accounts automatically as members of your ArcGIS organization. The disableServicesDirectory property controls whether the HTML pages of the services directory should be accessible to the users. The default value for this property is false, meaning the services directory HTML pages are accessible to everyone. Use the defaultRoleForUser property to set which role the portal automatically assigns to new member accounts. By default, new accounts are assigned to account_user. Other possible values are account_publisher or the ID of one of the custom roles defined in the ArcGIS organization. To obtain the ID of a custom role,

  • Log in to the portal sharing directory.

  • Go to Portals > Self > Roles.

  • Copy the custom role ID you want to use.

The allowedProxyHosts property restricts what hosts the portal can access directly. This restriction applies to several scenarios, including when the portal accesses resources from a server that does not support Cross Origin Resource Sharing (CORS) or when saving credentials used to access a secure service. By default, this property is not defined and no restrictions are applied. Define the allowedProxyHosts with a comma-separated list of hostnames to restrict the hosts the portal can access directly. Use the format (.*).domain.com to allow access to all machines within a specified domain.

Example Value
{

“disableServicesDirectory”:false, “enableAutomaticAccountCreation”:true, “defaultRoleForUser”: 12aBC3D4EF5ghIJ

}

property enterpriseusers

provides access into managing enterprise users

Returns

EnterpriseUsers object

property groups

provides access to managing Enterprise Groups with Portal

Returns

EnterpriseGroups object

property oauth

The OAuth resource contains a set of operations that update the OAuth2-specific properties of registered applications in Portal for ArcGIS.

Returns

OAuth object

property ssl

Deprecated since version 2.1.0: This was removed in 3.0.0.

Note

It is best practice and highly recommended to use the ssl_certificates property on the Machine class.

Provides access to managing and updating SSL Certificates on a Portal site.

Returns

SSLCertificates object

property test_identity_store

This operation can be used to test the connection to a user or group store.

Parameter

Description

user_config

Optional dict. The user store configuration

group_config

Optional dict. The group store configuration

Returns

Dictionary indicating ‘success’ or ‘error’

property tokens

This resource represents the token configuration within your portal. Use the set on token_config operation to change the configuration properties of the token service.

Parameter

Description

value

Required string. A shared key value

Returns

Dictionary

update_identity_store(user_config=None, group_config=None)

You can use this operation to change the identity provider and group store configuration in your portal. When Portal for ArcGIS is first installed, it supports token-based authentication and built-in groups using the built-in identity store for accounts. To configure your portal to connect to your enterprise authentication mechanism and group store, it must be configured to use an enterprise identity store such as Windows Active Directory or LDAP.

See: https://developers.arcgis.com/rest/enterprise-administration/portal/update-identity-store.htm

Parameter

Description

user_config

Optional dict. The user store configuration

group_config

Optional dict. The group store configuration

Returns

Dictionary indicating ‘success’ or ‘error’

OAuth

class arcgis.gis.admin.OAuth(url, gis=None, **kwargs)

The OAuth resource contains a set of operations that update the OAuth2-specific properties of registered applications in Portal for ArcGIS.

property app_info

Every application registered with Portal for ArcGIS has a unique client ID and a list of redirect URIs that are used for OAuth. This operation returns these OAuth-specific properties of an application. You can use this information to update the redirect URIs by using the Update App Info operation.

update(current_id, new_id)

When new applications are registered with Portal for ArcGIS, a new client ID is generated for the application. This allows the application to access content from the portal. The new client ID does not work if the application developer has programmed against a specific ID. This operation can, therefore, be used to change the client ID to another value as specified by the application developer.

Parameter

Description

current_id

Required string. The current client ID of an existing application.

new_id

Required string. The new client ID to assign to the application.

Returns

Boolean. True if successful else False

SSLCertificate

class arcgis.gis.admin.SSLCertificate(url, gis=None, **kwargs)

represents a single registered certificate

delete()

This operation deletes an SSL certificate from the key store. Once a certificate is deleted, it cannot be retrieved or used to enable SSL.

export(out_path=None)

This operation downloads an SSL certificate. The file returned by the server is an X.509 certificate. The downloaded certificate can be imported into a client that is making HTTP requests.

Parameter

Description

out_path

Required string. Save location of the certificate

Returns

string

generate_csr()

This operation generates a certificate signing request (CSR) for a self-signed certificate. A CSR is required by a CA to create a digitally signed version of your certificate.

Returns

string

import_signed_certificate(file_path)

imports a certificate authority (CA) signed SSL certificate into the key store.

Parameter

Description

file_path

Required string. The location of the certificate

Returns

Dictionary indicating ‘success’ or ‘error’

SSLCertificates

class arcgis.gis.admin.SSLCertificates(url, gis=None, **kwargs)

Manages the Portal’s SSL Certificates

generate(alias, common_name, organization, key_algorithm='RSA', validity=90, key_size=2048, signature_algorithm='SHA256withRSA', unit='', city='', state='', country_code='', alt_name='')

Use this operation to create a self-signed certificate or as a starting point for getting a production-ready CA-signed certificate. The portal will generate a certificate for you and store it in its keystore.

Parameter

Description

alias

Required string. The name of the certificate. This is a required parameter.

common_name

Required string. The common name used to identify the server for which the certificate is to be generated. This is a required parameter.

organization

Required string. The name of the organization. This is a required parameter.

key_algorithm

Optional string. The algorithm used to generate the key pairs. The default is RSA.

validity

Optional integer. The expiration time for the certificate in days. The default is 90.

key_size

Optional integer. The size of the key. The default is 2048.

signature_algorithm

Optional string. The algorithm used to sign the self-signed certificates. The default is derived from the key_algorithm parameter.

unit

Optional string. The department within which this server resides.

city

Optional string. The name of the city

state

Optional string. The name of the state

country_code

Optional string. The two letter abbrevation of the country

alt_name

Optional string. The common name used to identify the server for which the certificate is to be generated. This is a required parameter.

Returns

boolean

get(alias_name)

gets a single SSLCertificate object by the alias name

Parameter

Description

alias_name

Required string. The common name of the certificate.

Returns

class

~arcgis.gis.admin.SSLCertificate object

USAGE: Print out information about a specific SSL Certificate by alias name

from arcgis.gis import GIS
gis = GIS("https://yourportal.com/portal", "portaladmin", "password")
# Get the SSL Certificate class
sslmgr = gis.admin.security.ssl
# Get a specific certificate alias and print information
ssl = sslmgr.get('portal')
for prop in ssl.properties:
    print(prop, ssl.properties[prop])]))

# Output
aliasName portal
issuer CN=YOURPORTAL.COM, OU=Self Signed Certificate
subject CN=YOURPORTAL.COM, OU=Self Signed Certificate
subjectAlternativeNames []
validFrom Fri Sep 15 07:46:45 EDT 2017
validUntil Sun Jul 24 07:46:45 EDT 2050
keyAlgorithm RSA
keySize 2048
serialNumber 503b23c6
version 3
signatureAlgorithm SHA256withRSA
keyUsage []
md5Fingerprint 76d695d72e46b30ea90013676d559faa
sha1Fingerprint 6f36513757c28ad43c2df5e4c7cee581ad18dd1e
sha256Fingerprint a051aab19d1ed8ceee7322572b3b1b2abd1ed680d0a1d81d0da84cf0e1a1b6cb
import_certificate(certificate, alias, norestart=False)

This operation imports a certificate authority’s (CA) root and intermediate certificates into the keystore. To create a production quality CA-signed certificate, you need to add the CA certificates into the keystore that enables the SSL mechanism to trust the CA (and the certificates it has signed). While most of the popular CA certificates are already available in the keystore, you can use this operation if you have a custom CA or specific intermediate certificates.

Parameter

Description

certificate

Required string. The file location of the certificate file

alias

Required string. The name of the certificate

norestart

Optional boolean. Determines if the portal should be prevented from restarting after importing the certificate. By default this is false and the portal will restart. Added in 10.6.

Returns

boolean

USAGE: Import a trusted CA or Intermediate SSL Certificate into Portal Admin API

from arcgis.gis import GIS
gis = GIS("https://yourportal.com/portal", "portaladmin", "password")
# Get the SSL Certificate class
sslmgr = gis.admin.security.ssl
# Load a trust CA certificate and restart Portal
resp = sslmgr.import_certificate(r'c:\temp\myTrustedCA.crt', 'myroot', norestart=False)
print(resp)

# Output
True
import_server_certificate(alias, password, certificate)

This operation imports an existing server certificate, stored in the PKCS #12 format, into the keystore. If the certificate is a CA signed certificate, you must first import the CA Root or Intermediate certificate using the Import Root or Intermediate Certificate operation.

Parameter

Description

alias

Required string. The name of the certificate

password

Required string. The password for the certificate

certificate

Required string. The file location of the certificate file

Returns

Dictionary indicating ‘success’ or ‘error’

list(force=False)

List of SSL Certificates as represented in the Portal Admin API

Parameter

Description

force

Optional Boolean. If True, the certificate list will be refreshed, else, if a set of values is in memory, it will use those values. This is used when you want to ensure you have the most up to date list of certificates.

Returns

List of :class: arcgis.gis.admin.SSLCertificate objects

USAGE: Print out information about each SSL Certificate

from arcgis.gis import GIS
gis = GIS("https://yourportal.com/portal", "portaladmin", "password")
# Get the SSL Certificate class
sslmgr = gis.admin.security.ssl
# Get a list of SSL Certificates
sslcerts = sslmgr.list()
# For each certificate, print its alias and issuer
for sslcert in sslcerts:
    print("{} : {}".format(dict(sslcert)['aliasName'], dict(sslcert)['issuer']))

# Output
portal : CN=YOURPORTAL.COM, OU=Self Signed Certificate
yourorgroot : CN=YourOrg Enterprise Root, DC=empty, DC=local
samlcert : CN=YOURPORTAL.COM, OU=Self Signed Certificate
ca_signed : CN=YourOrg Enterprise Root, DC=empty, DC=local
update(alias, protocols, cipher_suites, HSTS=False)

Use this operation to configure the web server certificate, SSL protocols, and cipher suites used by the portal.

Parameter

Description

alias

Required string. The name of the certificate. This is a required parameter. The certificate must be already present in the portal.

protocols

Required string. The SSL protocols the portal will use. Valid options are TLSv1, TLSv1.1, and TLSv1.2; values must be comma separated. By default, these options are all enabled.

cipher_suites

Required string. The cipher suites the portal will use. Valid options are:

  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256

  • TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA

  • TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA

  • TLS_RSA_WITH_AES_128_GCM_SHA256

  • TLS_RSA_WITH_AES_128_CBC_SHA256

  • TLS_RSA_WITH_AES_128_CBC_SHA

  • TLS_RSA_WITH_3DES_EDE_CBC_SHA

By default, all of the above options are enabled. Values must be comma separated.

HSTS

Optional Boolean. A Boolean value that indicates whether HTTP Strict Transport Security (HSTS) is being used by the portal.

Returns

Dictionary indicating ‘success’ or ‘error’

EnterpriseUsers

class arcgis.gis.admin.EnterpriseUsers(url, gis=None, **kwargs)

The users resource is an umbrella for operations to manage members within Portal for ArcGIS. The resource returns the total number of members in the system.

create(username, password, first_name, last_name, email, role='org_user', level=2, provider='arcgis', idp_username=None, description=None, user_license=None)

This operation is used to pre-create built-in or enterprise accounts within the portal. The provider parameter is used to indicate the type of user account.

Parameter

Description

username

Required string. The name of the user account

password

Required string. The password of the user account

first_name

Required string. The first name for the account

last_name

Required string. The last name for the account

email

Required string. The email for the account

role

Optional string. The role for the user account. The default value is org_user. Values org_admin | org_publisher | org_user | org_editor (Data Editor) | viewer

level

Optional integer. The account level to assign the user. Values 1 or 2

provider

Optional string. The provider for the account. The default value is arcgis. Values arcgis | enterprise

idp_username

Optional string. The name of the user as stored by the enterprise user store. This parameter is only required if the provider parameter is enterprise.

description

Optional string. A user description

user_license

Optional string. The user type for the account. (10.7+)

Values: creator, editor, advanced (GIS Advanced),

basic (GIS Basic), standard (GIS Standard), viewer, fieldworker

Returns

boolean

get(username)

This operation returns the description, full name, and email address for a single user in the enterprise identity (user) store configured with the portal. The username parameter is used to specify the enterprise username. If the user does not exist, an error is returned.

Parameter

Description

username

Required string. Username of the enterprise account. For Windows Active Directory users, this can be either domainusername or just username. For LDAP users, the format is always username.

Returns

Dictionary indicating ‘success’ or ‘error’

refresh_users(users)

This operation iterates over every enterprise group configured in the portal and determines if the input user accounts belong to any of the configured enterprise groups. If there is any change in membership, the database and the indexes are updated for each user account. While portal automatically refreshes the memberships during a user login and during a periodic refresh (configured through the Update Identity Store operation), this operation allows an administrator to force a refresh.

Parameter

Description

users

Required string. A comma seperated list of users.

Returns

Dictionary indicating ‘success’ or ‘error’

search(query='', max_count=255)

This operation searches users in the configured enterprise user store. You can narrow down the search using the filter parameter.

Parameter

Description

query

Optional string. Where clause into parse down results

max_count

Optional integer. The maximum number of records to return

Returns

Dictionary of the search

update(username, idp_username)

This operation allows an administrator to update the idp_username for an enterprise user in the portal. This is used when migrating from accounts used with web-tier authentication to SAML authentication.

Parameter

Description

username

Required string. Username of the enterprise account. For Windows Active Directory users, this can be either domainusername or just username. For LDAP users, the format is always username.

idp_username

Required string. The username used by the SAML identity provider

Returns

Dictionary indicating ‘success’ or ‘error’

EnterpriseGroups

class arcgis.gis.admin.EnterpriseGroups(url, gis=None, **kwargs)

The groups resource is an umbrella for operations to manage enterprise groups within the portal. The resource returns the total number of groups in the system.

get_group_users(name, query='', max_count=255)

This operation returns the users that are currently assigned to the enterprise group within the enterprise user/group store. You can use the filter parameter to narrow down the user search.

Parameter

Description

name

Optional string. The name of the enterprise group

query

Optional string. Where clause into parse down results

max_count

Optional integer. The maximum number of records to return

Returns

Dictionary of group users

get_user_groups(username, query='', max_count=255)

This operation lists the groups assigned to a user account in the configured enterprise group store.

Parameter

Description

username

Optional string. The name of the user account

query

Optional string. Where clause into parse down results

max_count

Optional integer. The maximum number of records to return

Returns

Dictionary of user groups

refresh_groups(groups)

This operation iterates over every enterprise account configured in the portal and determines if the user account is a part of the input enterprise group. If there are any change in memberships, the database and the indexes are updated for each group. While portal automatically refreshes the memberships during a user login and during a periodic refresh configured through the Update Identity Store operation, this operation allows an administrator to force a refresh.

Parameter

Description

groups

Required string. The comma seperated list of group names to be refreshed

Returns

Dictionary indicating ‘success’ or ‘error’

search(query='', max_count=255)

This operation searches groups in the configured enterprise group store. You can narrow down the search using the filter parameter.

Parameter

Description

query

Optional string. Where clause into parse down results

max_count

Optional integer. The maximum number of records to return

Returns

Dictionary indicating ‘success’ or ‘error’

Site

class arcgis.gis.admin.Site(url, portaladmin, **kwargs)

Bases: arcgis.gis.admin._base.BasePortalAdmin

Site is the root resources used after a local GIS is installed. Here administrators can create, export, import, and join sites.

static create(con, url, username, password, full_name, email, content_store, description='', question_idx=None, question_ans=None, license_file=None, user_license=None)

The create site operation initializes and configures Portal for ArcGIS for use. It must be the first operation invoked after installation. Creating a new site involves:

  • Creating the initial administrator account

  • Creating a new database administrator account (which is same as the initial administrator account)

  • Creating token shared keys

  • Registering directories

This operation is time consuming, as the database is initialized and populated with default templates and content. If the database directory is not empty, this operation attempts to migrate the database to the current version while keeping its data intact. At the end of this operation, the web server that hosts the API is restarted.

Parameter

Description

con

Required Connection. The connection object.

url

Required string. The portal administration url Ex: https://mysite.com/<web adaptor>/portaladmin

username

Required string. The initial admin account name

password

Required string. The password for initial admin account

full_name

Required string. The full name of the admin account

email

Required string. The account email address

content_store

Required string. JSON string including the path to the location of the site’s content.

description

Optional string. The optional description for the account

question_idx

Optional integer. The index of the secret question to retrieve a forgotten password

question_ans

Optional string. The answer to the secret question

license_file

Optional string. The portal license file. Starting at 10.7, you will obtain your portal license file - which contains information regarding your user types, apps, and app bundles-from My Esri. For more information, see Obtain a portal license file.

user_license

The user type for the initial administrator account. The values listed below are the user types that are compatible with the Administrator role.

Values: creatorUT, GISProfessionalBasicUT,

GISProfessionalStdUT, GISProfessionalAdvUT

Returns

Dictionary indicating ‘success’ or ‘error’

export_site(location)

This operation exports the portal site configuration to a location you specify. The exported file includes the following information:

Content directory - the content directory contains the data

associated with every item in the portal

Database dump file - a plain-text file that contains the SQL

commands required to reconstruct the portal database

Configuration store connection file - a JSON file that contains

the database connection information

Parameter

Description

location

Required string. The path to the folder accessible to the portal where the exported site configuration will be written.

Returns

Dictionary indicating ‘success’ or ‘error’

USAGE: Export Portal Site to a location the Portal server has access to.  ** This can be a
       lengthy operation.

from arcgis.gis import GIS
gis = GIS("https://yourportal.com/portal", "portaladmin", "password")
sitemgr = gis.admin.site
response = sitemgr.export_site(r'c:\temp')
print(response)

# Output
{'status': 'success', 'location': 'C:\Temp\June-9-2018-5-22-29-PM-EDT-FULL.portalsite'}
import_site(location)

The importSite operation lets you restore your site from a backup site configuration file that you created using the exportSite operation. It imports the site configuration file into the currently running portal site. The importSite operation will replace all site configurations with information included in the backup site configuration file. See the export_site operation documentation for details on what the backup file includes. The importSite operation also updates the portal content index.

Parameter

Description

location

Required string. A file path to an exported configuration.

Returns

Boolean. True if successful else False.

join(admin_url, username, password)

The joinSite operation connects a portal machine to an existing site. You must provide an account with administrative privileges to the site for the operation to be successful. When an attempt is made to join a site, the site validates the administrative credentials, then returns connection information about its configuration store back to the portal machine. The portal machine then uses the connection information to work with the configuration store. If this is the first portal machine in your site, use the Create Site operation instead. The join operation:

  • Registers a machine to an existing site (active machine)

  • Creates a snapshot of the database of the active machine

  • Updates the token shared key

  • Updates Web Adaptor configurations

Sets up replication to keep the database of both machines in sync The operation is time-consuming as the database is configured on the machine and all configurations are applied from the active machine. After the operation is complete, the web server that hosts the API will be restarted.

Parameter

Description

admin_url

Required string. The admin URL of the existing portal site to which a machine will be joined

username

Required string. The username for the initial administrator account of the existing portal site.

password

Required string. The password for the initial administrator account of the existing portal site.

Returns

Dictionary indicating ‘success’ or ‘error’

System

class arcgis.gis.admin.System(url, gis=None, **kwargs)

This resource is an umbrella for a collection of system-wide resources for your portal. This resource provides access to the ArcGIS Web Adaptor configuration, portal directories, database management server, indexing capabilities, license information, and the properties of your portal.

property content_discovery

This resource allows an administrator to enable or disable external content discovery from the portal website. Because some Esri-provided content requires external access to the internet, an administrator may choose to disable the content to prevent requests to ArcGIS Online resources. When disabling the content, a select group of items will be disabled:

  • All basemaps owned by “esri_[lang]”

  • All content owned by “esri_nav”

  • All content owned by “esri”

This resource will not disable ArcGIS Online utility services or Living Atlas content. For steps to disable these items, refer to the Portal Administrator guide.

When external content is disabled, System Languages are also disabled.

Parameter

Description

value

required Boolean. If true, external content is enabled, else it is disabled.

Returns

boolean

property database

The database resource represents the database management system (DBMS) that contains all of the portal’s configuration and relationship rules. This resource also returns the name and version of the database server currently running in the portal. You can use the properety to update database accounts

property directories

The directories resource is a collection of directories that are used by the portal to store and manage content. Beginning at 10.2.1, Portal for ArcGIS supports five types of directories:

  • Content directory-The content directory contains the data associated with every item in the portal.

  • Database directory-The built-in security store and sharing rules are stored in a Database server that places files in the database directory.

  • Temporary directory - The temporary directory is used as a scratch workspace for all the portal’s runtime components.

  • Index directory-The index directory contains all the indexes associated with the content in the portal. The indexes are used for quick retrieval of information and for querying purposes.

  • Logs directory-Errors and warnings are written to text files in the log file directory. Each day, if new errors or warnings are encountered, a new log file is created.

If you would like to change the path for a directory, you can use the Edit Directory operation.

property email

Provides access to the email configuration setting on enterprise.

Returns

EmailManager

property incremental_backup

Gets/Sets the Incremental Backup for the Enterprise Configuration

Returns

dict

property index_status

The status resource allows you to view the status of the indexing service. You can view the number of users, groups, and search items in both the database (store) and the index. If the database and index do not match, indexing is either in progress or there is a problem with the index. It is recommended that you reindex to correct any issues. If indexing is in progress, you can monitor the status by refreshing the page.

Returns

dict

USAGE: Prints out current Index Status

from arcgis.gis import GIS
gis = GIS("https://yourportal.com/portal", "portaladmin", "password")
sysmgr = gis.admin.system
idx_status = sysmgr.index_status
import json
print(json.dumps(idx_status, indent=2))

# Output
{
  "indexes": [
    {
      "name": "users",
      "databaseCount": 51,
      "indexCount": 51
    },
    {
      "name": "groups",
      "databaseCount": 325,
      "indexCount": 325
    },
    {
      "name": "search",
      "databaseCount": 8761,
      "indexCount": 8761
    }
  ]
}
property indexer

Allows user to manage the site’s indexer

Returns

Indexer

property languages

This resource gets/sets which languages will appear in portal content search results. Use the Update languages operation to modify which language’content will be available.

property licenses

Portal for ArcGIS requires a valid license to function correctly. This resource returns the current status of the license. Starting at 10.2.1, Portal for ArcGIS enforces the license by checking the number of registered members and comparing it with the maximum number of members authorized by the license. Contact Esri Customer Service if you have questions about license levels or expiration properties.

property properties

Gets/Sets the system properties that have been modified to control the portal’s environment.

The list of available properties are:
  • privatePortalURL-Informs the portal that it has a front end load-balancer/proxy reachable at the URL. This property is typically used to set up a highly available portal configuration

  • portalLocalhostName-Informs the portal back-end to advertise the value of this property as the local portal machine. This is typically used during federation and when the portal machine has one or more public host names.

  • httpProxyHost-Specifies the HTTP hostname of the proxy server

  • httpProxyPort-Specifies the HTTP port number of the proxy server

  • httpProxyUser-Specifies the HTTP proxy server username.

  • httpProxyPassword-Specifies the HTTP proxy server password.

  • isHttpProxyPasswordEncrypted-Set this property to false when you are configuring the HTTP proxy server password in plain text. After configuration, the password will be encrypted and this property will be set to true

  • httpsProxyHost-Specifies the HTTPS hostname of the proxy server

  • httpsProxyPort-Specifies the HTTPS port number of the proxy server

  • httpsProxyUser-Specifies the HTTPS proxy server username

  • httpsProxyPassword-Specifies the HTTPS proxy server password

  • isHttpsProxyPasswordEncrypted-Set this property to false when you are configuring the HTTPS proxy server password in plain text. After configuration, the password will be encrypted and this property will be set to true.

  • nonProxyHosts-If you want to federate ArcGIS Server and the site does not require use of the forward proxy, list the server machine or site in the nonProxyHosts property. Machine and domain items are separated using a pipe (|).

  • WebContextURL-If you are using a reverse proxy, set this property to reverse proxy URL.

  • ldapCertificateValidation Introduced at 10.7. When set to true, any encrypted LDAP communication (LDAPS) made from the portal to the user or group identity store will enforce certificate validation. The default value is false.

reindex(mode='FULL', includes=None)

This operation allows you to generate or update the indexes for content; such as users, groups, and items stored in the database (store). During the process of upgrading an earlier version of Portal for ArcGIS, you are required to update the indexes by running this operation. You can check the status of your indexes using the status resource.

Parameter

Description

mode

Optional string. The mode in which the indexer should run. Values USER_MODE | GROUP_MODE | SEARCH_MODE | FULL

includes

Optional string. An optional comma separated list of elements to include in the index. This is useful if you want to only index certain items or user accounts.

Returns

Boolean. True if successful else False.

property web_adaptors

The Web Adaptors resource lists the ArcGIS Web Adaptor configured with your portal. You can configure the Web Adaptor by using its configuration web page or the command line utility provided with the installation.

Returns

WebAdaptors object

Licenses (Deprecated 10.7+)

class arcgis.gis.admin.Licenses(url, gis=None, **kwargs)

Portal for ArcGIS requires a valid license to function correctly. This resource returns the current status of the license. As of 10.2.1, Portal for ArcGIS enforces the license by checking the number of registered members and comparing it with the maximum number of members authorized by the license. Contact Esri Customer Service if you have questions about license levels or expiration properties. Starting at 10.5, Portal for ArcGIS enforces two levels of membership for licensing to define sets of privileges for registered members and their assigned roles.

Deprecated at ArcGIS Enterprise 10.7

entitlements(app='arcgisprodesktop')

This operation returns the currently queued entitlements for a product, such as ArcGIS Pro or Navigator for ArcGIS, and applies them when their start dates become effective. It’s possible that all entitlements imported using the Import Entitlements operation are effective immediately and no entitlements are added to the queue. In this case, the operation returns an empty result.

Parameter

Description

app

Required string. The application lookup. Allowed values: appstudioweb,arcgisprodesktop,busanalystonline_2, drone2map,geoplanner,arcgisInsights,LRReporter, navigator, or RoadwayReporter

Returns

dict

import_entitlements(file, application)

This operation allows you to import entitlements for ArcGIS Pro and additional products such as Navigator for ArcGIS into your licensing portal. Once the entitlements have been imported, you can assign licenses to users within your portal. The operation requires an entitlements file that has been exported out of your ArcGIS License Server Administrator or out of My Esri, depending on the product. A typical entitlements file will have multiple parts, each representing a set of entitlements that are effective at a specific date. The parts that are effective immediately will be configured to be the current entitlements. Other parts will be added to a queue. The portal framework will automatically apply the parts when they become effective. You can use the Get Entitlements operation to see the parts that are in the queue. Each time this operation is invoked, it overwrites all existing entitlements, even the ones that are in the queue.

Parameter

Description

file

Required string. The entitlement file to load into Enterprise.

application

Required string. The application identifier to be imported

Returns

Dictionary indicating ‘success’ or ‘error’

release_license(username)

If a user checks out an ArcGIS Pro license for offline or disconnected use, this operation releases the license for the specified account. A license can only be used with a single device running ArcGIS Pro. To check in the license, a valid access token and refresh token is required. If the refresh token for the device is lost, damaged, corrupted, or formatted, the user will not be able to check in the license. This prevents the user from logging in to ArcGIS Pro from any other device. As an administrator, you can release the license. This frees the outstanding license and allows the user to check out a new license or use ArcGIS Pro in a connected environment.

remove_all(application)

This operation removes all entitlements from the portal for ArcGIS Pro or additional products such as Navigator for ArcGIS and revokes all entitlements assigned to users for the specified product. The portal is no longer a licensing portal for that product. License assignments are retained on disk. Therefore, if you decide to configure this portal as a licensing portal for the product again in the future, all licensing assignments will be available in the website.

remove_entitlement(app='arcgisprodesktop')

deletes an entitlement from a site

Parameter

Description

app

Required string. The application lookup. Allowed values: appstudioweb,arcgisprodesktop,busanalystonline_2, drone2map,geoplanner,arcgisInsights,LRReporter, navigator, or RoadwayReporter

Returns

dict

update_license_manager(info)

ArcGIS License Server Administrator works with your portal and enforces licenses for ArcGIS Pro. This operation allows you to change the license server connection information for your portal. When you import entitlements into portal using the Import Entitlements operation, a license server is automatically configured for you. If your license server changes after the entitlements have been imported, you only need to change the license server connection information. You can register a backup license manager for high availability of your licensing portal. When configuring a backup license manager, you need to make sure that the backup license manager has been authorized with the same organizational entitlements. After configuring the backup license manager, Portal for ArcGIS is restarted automatically. When the restart completes, the portal is configured with the backup license server you specified.

Parameter

Description

info

Required string. The JSON representation of the license server connection information.

Returns

Dictionary indicating ‘success’ or ‘error’

PortalLicense

class arcgis.gis.admin.PortalLicense(url, gis=None, **kwargs)

The Enterprise portal requires a valid license to function correctly. This resource returns information for user types that are licensed for your organization.

Starting at 10.7, the Enterprise portal enforces user type licensing. Members are assigned a user type which determines the privileges that an be granted to the member through a role. Each user type may include access to specific apps and app bundles.

The license information returned for the organization includes the total number of registered members that can be added, the current number of members in the organization and the Portal for ArcGIS version. For each user type, the license information includes the ID, the maximum number of registered members that can be assigned, the number of members currently assigned the license and the expiration, in epoch time. In addition, this resource provides access to the Validate License, Import License, Populate License, Update License Manager, and Release License operations.

import_license(file)

The import_license operation is used to import a new license file. The portal license file contains your Enterprise portal’s user type, app and app bundle licenses. By importing a portal license file, you will be applying the licenses in the file to your organization.

Caution:

Importing a new portal license file will overwrite your organization’s current user type, app, and app bundle licenses. Before importing, verify that the new license file has sufficient user type, app, and app bundle licenses.

Parameter

Description

file

Required String. The portal license file.

Returns

Boolean. True if successful else False.

populate()

The populate operation applies the license information from the license file that is used to create or upgrade your portal. This operation is only necessary as you create or upgrade your portal through the Portal Admin API.

Returns

Boolean. True if successful else False.

release_license(username)

If a user checks out an ArcGIS Pro license for offline or disconnected use, this operation releases the license for the specified account. A license can only be used with a single device running ArcGIS Pro. To check in the license, a valid access token and refresh token is required. If the refresh token for the device is lost, damaged, corrupted, or formatted, the user will not be able to check in the license. This prevents the user from logging in to ArcGIS Pro from any other device. As an administrator, you can release the license. This frees the outstanding license and allows the user to check out a new license or use ArcGIS Pro in a connected environment.

Parameter

Description

username

Required String. The user name of the account.

Returns

Boolean. True if successful else False.

update(info)

ArcGIS License Server Administrator works with your portal and enforces licenses for ArcGIS Pro. This operation allows you to change the license server connection information for your portal.

You can register a backup license manager for high availability of your licensing portal. After configuring the backup license manager, Portal for ArcGIS is restarted automatically. When the restart completes, the portal is configured with the backup license server you specified. When configuring a backup license manager, you will need to ensure that the backup is authorized using the same license file as your portal.

Note

Previously, premium apps were licensed individually through the portal. Starting at 10.7, there will no longer be separate licensing for apps; the portal’s user types, apps, and app bundles will be licensed using a single portal license file. Licensing ArcGIS Pro and Drone2Map requires licensing your Enterprise portal’s ArcGIS License Server Administrator (license manager). Previously, users were required to import a .lic file into the portal’s license manager. They would then generate a .json file through the license manager and import the file into portal. Now, users licensing ArcGIS Pro and Drone2Map import the same license file used to license their portal into their license manager. Users are no longer required to generate an additional license file in the license manager.

Parameter

Description

info

Required Dict. The JSON representation of the license server connection information.

Returns

Boolean. True if successful else False.

validate(file, list_ut=False)

The validate operation is used to validate an input license file. Only valid license files can be imported into the Enterprise portal. If the provided file is valid, the operation will return user type, app bundle, and app information from the license file. If the file is invalid, the operation will fail and return an error message.

Parameter

Description

file

Required String. The portal license file.

list_ut

Optional Boolean. Returns a list of user types that are compatible with the Administrator role. This identifies the user type(s) that can be assigned to the Initial Administrator Account when creating a portal.

Returns

Dictionary indicating ‘success’ or ‘error’

Directory

class arcgis.gis.admin.Directory(url, gis=None, **kwargs)

A directory is a file system-based folder that contains a specific type of content for the portal. The physicalPath property of a directory locates the actual path of the folder on the file system. Beginning at 10.2.1, Portal for ArcGIS supports local directories and network shares as valid locations. During the Portal for ArcGIS installation, the setup program asks you for the root portal directory (that will contain all the portal’s sub directories). However, you can change each registered directory through this API.

property properties

The properties operation on a directory can be used to change the physical path and description properties of the directory. This is useful when changing the location of a directory from a local path to a network share. However, the API does not copy your content and data from the old path to the new path. This has to be done independently by the system administrator.

WebAdaptor

class arcgis.gis.admin.WebAdaptor(url, gis=None, **kwargs)

The ArcGIS Web Adaptor is a web application that runs in a front-end web server. One of the Web Adaptor’s primary responsibilities is to forward HTTP requests from end users to Portal for ArcGIS. The Web Adaptor acts a reverse proxy, providing the end users with an entry point to the system, hiding the back-end servers, and providing some degree of immunity from back-end failures. The front-end web server can authenticate incoming requests against your enterprise identity stores and provide specific authentication schemes such as Integrated Windows Authentication (IWA), HTTP Basic, or Digest. Most importantly, a Web Adaptor provides your end users with a well defined entry point to your system without exposing the internal details of your portal. Portal for ArcGIS will trust requests being forwarded by the Web Adaptor and will not challenge the user for any credentials. However, the authorization of the request (by looking up roles and permissions) is still enforced by the portal’s sharing rules.

unregister()

You can use this operation to unregister the ArcGIS Web Adaptor from your portal. Once a Web Adaptor has been unregistered, your portal will no longer trust the Web Adaptor and will not accept any credentials from it. This operation is typically used when you want to register a new Web Adaptor or when your old Web Adaptor needs to be updated.

WebAdaptors

class arcgis.gis.admin.WebAdaptors(url, gis=None, **kwargs)

The Web Adaptors resource lists the ArcGIS Web Adaptor configured with your portal. You can configure the Web Adaptor by using its configuration web page or the command line utility provided with the installation.

property configuration

Gets/Sets the common properties and configuration of the ArcGIS Web Adaptor configured with the portal.

Parameter

Description

shared_key

Required string. This property represents credentials that are shared with the Web Adaptor. The Web Adaptor uses these credentials to communicate with the portal

list()

Returns all instances of WebAdaptors

USAGE: Get all Web Adaptors and list keys,values of first Web Adaptor object

from arcgis.gis import GIS
gis = GIS("https://yourportal.com/portal", "portaladmin", "password")

# Return a List of Web Adaptor objects
webadaptors = gis.admin.system.web_adaptors.list()

# Get the first Web Adaptor object and print out each of its values
for key, value in dict(webadaptors[0]).items():
    print("{} : {}".format(key, value))

# Output
machineName : yourportal.com
machineIP : 10.11.12.13
webAdaptorURL : https://yourwebserver.com/portal
id : ac17d7b9-adbd-4c45-ae13-77b0ad6f14e8
description :
httpPort : 80
httpsPort : 443
refreshServerListInterval : 1
reconnectServerOnFailureInterval : 1
Returns

List of WebAdaptor objects. Typically, only 1 Web Adaptor will exist for a Portal

WebhookManager

class arcgis.gis.admin.WebhookManager(url, gis)

Creates and manages ArcGIS Enterprise webhooks. Webhooks allow you to be automatically notified when events associated with items, groups, and users occur. Once a webhook has been triggered, an HTTP request is made to a user-defined URL to provide information regarding the event.

create(name, url, events='ALL', number_of_failures=5, days_in_past=5, secret=None, properties=None)

Creates a WebHook to monitor REST endpoints and report activities

Parameter

Description

name

Required String. The name of the webhook.

url

Required String. This is the URL to which the webhook will deliver payloads to.

events

Otional List or String. The events accepts a list or all events can be monitored. This is done by passing “ALL” in as the events. If a list is provided, a specific endpoint can be monitored.

Item Trigger Events

Trigger event

URI example

All trigger events for all items

/items

Add item to the portal

/items/add

All trigger events for a specific item

/items/<itemID>

Delete a specific item

/items/<itemID>/delete

Update a specific item’s properties

/items/<itemID>/update

Move an item or changing ownership of the item

/items/<itemID>/move

Publish a specific item

/items/<itemID>/publish

Share a specific item

/items/<itemID>/share

Unshare a specific item

/items/<itemID>/unshare

Group Trigger Events

Trigger event

URI example

All trigger events for all groups

/groups

Add group

/groups/add

All trigger events for a specific group

/groups/<groupID>

Update a specific group

/groups/<groupID>/update

Delete a specific group

/groups/<groupID>/delete

Enable Delete Protection for a specific group

/groups/<groupID>/protect

Disable Delete Protection for a specific group

/groups/<groupID>/unprotect

Invite a user to a specific group

/groups/<groupID>/invite

Add a user to a specific group

/groups/<groupID>/addUsers

Remove a user from a specific group

/groups/<groupID>/removeUsers

Update a user’s role in a specific group

/groups/<groupID>/updateUsers

User Trigger Events

Trigger event

URI example

All trigger events for all users in the portal

/users

All trigger events associated with a specific user

/users/<username>

Delete a specific user

/users/<username>/delete

Update a specific user’s profile

/users/<username>/update

Disable a specific user’s account

/users/<username>/disable

Enable a specific user’s account

/users/<username>/enable

Example Syntax: [‘/users’, ‘/groups/abcd1234….’]

number_of_failures

Optional Integer. The number of failures to allow before the service

days_in_past

Option Integer. The number of days to report back on.

secret

Optional String. Add a Secret to your payload that can be used to authenticate the message on your receiver.

properties

Optional Dict. At 10.9.1+ users can provide additional configuration properties.

:returns a WebHook instance

# Example using Zapier as the payload URL

from arcgis.gis import GIS

gis = GIS(profile="your_profile", verify_cert=False)

wh_mgr = gis.admin.webhooks
wh = wh_mgr.create(name="Webhook_from_API",
                   url="https://hooks.zapier.com/hooks/catch/6694048/odqj9o3/",
                   events=["/items/981e98b949d9432ebf26433f40948cec/move",
                           "/items/981e98b949d9432ebf26433f40948cec/update"]

See Webhook Blog Post for a detailed explanation.

get(name)

finds a single instance of a webhook by name

list()

Returns a list of WebHook objects

property properties

returns the Webhook properties

property settings

There are several advanced parameters that can be used to configure the connection behavior of your webhook. These parameters will be applied to all of the configured webhooks in your Portal. Use the Update operation to modify any of the parameters.

** Dictionary Key/Values **

Parameter

Description

notificationAttempts

Required Integer. This will determine how many attempts will be made to deliver a payload.

otificationTimeOutInSeconds

Required Integer. The length of time (in seconds) that Portal will wait to receive a response. The max response is 60.

notificationElapsedTimeInSeconds

Required Integer. The amount of time between each payload delivery attempt. By default, this is set to 30 seconds and can be set to a maximum of 100 seconds and a minimum of one second.

returns: dict

Webhook

class arcgis.gis.admin.Webhook(url, gis)

a single webhook

activate()

Restarts a deactivated webhook. When activated, payloads will be delivered to the payload URL when the webhook is invoked.

deactivate()

Temporarily pause the webhook. This will stop the webhook from delivering payloads when it is invoked. The webhook will be automatically deactivated when the deactivation policy is met.

Returns

boolean

delete()

Removes the current webhook from the system.

Returns

Boolean

property notifications

The notifications` will display information pertaining to trigger events associated with the specific webhook. You can use this table to monitor your webhook and the details of any delivered payloads such as the time the webhook was triggered, the response received from the payload URL, and the delivered payload data.

Returns

List

property properties
update(name=None, url=None, events=None, number_of_failures=None, days_in_past=None, secret=None, properties=None)

The Update Webhook operation allows administrators to update any of the parameters of their webhook.

Parameter

Description

name

Required String. The name of the webhook.

url

Required String. This is the URL to which the webhook will deliver payloads to.

events

Otional List or String. The events accepts a list of all events that can be monitored. This is done by passing “ALL” in as the events. If a list is provided, a specific endpoint can be monitored.

Item Trigger Events

Trigger event

URI example

All trigger events for all items

/items

Add item to the portal

/items/add

All trigger events for a specific item

/items/<itemID>

Delete a specific item

/items/<itemID>/delete

Update a specific item’s properties

/items/<itemID>/update

Move an item or changing ownership of the item

/items/<itemID>/move

Publish a specific item

/items/<itemID>/publish

Share a specific item

/items/<itemID>/share

Unshare a specific item

/items/<itemID>/unshare

Group Trigger Events

Trigger event

URI example

All trigger events for all groups

/groups

Add group

/groups/add

All trigger events for a specific group

/groups/<groupID>

Update a specific group

/groups/<groupID>/update

Delete a specific group

/groups/<groupID>/delete

Enable Delete Protection for a specific group

/groups/<groupID>/protect

Disable Delete Protection for a specific group

/groups/<groupID>/unprotect

Invite a user to a specific group

/groups/<groupID>/invite

Add a user to a specific group

/groups/<groupID>/addUsers

Remove a user from a specific group

/groups/<groupID>/removeUsers

Update a user’s role in a specific group

/groups/<groupID>/updateUsers

User Trigger Events

Trigger event

URI example

All trigger events for all users in the portal

/users

All trigger events associated with a specific user

/users/<username>

Delete a specific user

/users/<username>/delete

Update a specific user’s profile

/users/<username>/update

Disable a specific user’s account

/users/<username>/disable

Enable a specific user’s account

/users/<username>/enable

#Example Usage:

>>> events = ['/users', '/groups/abcd1234....']

number_of_failures

Optional Integer. The number of failures to allow before the webhook is deactivated.

days_in_past

Option Integer. The number of days to report back on.

secret

Optional String. Add a secret to your payload that can be used to authenticate the message on your receiver.

:returns Boolean

SocialProviders

class arcgis.gis.admin.SocialProviders(gis)

Enables/Disables the Social Providers Settings for a GIS

Parameter

Description

value

Required GIS. This is an administrator connection to a GIS site.

Returns

SocialProviders object

property configuration

Gets/Sets for the Social Providers on the GIS

Parameter

Description

value

Optional dict or None. If the value is None, the social provider configuration is deleted. If the value is a dictionary, a social provider is setup on the site or updated.

Key:Value Dictionary Options for value Argument

Key

Value

signUpMode

optional string. Invitation or Automatic.

providers

required string. This is a list of strings seperated by a comma. The allowed values are: facebook and google

role

optional string. This is the default role setup when users login to a GIS.

level

optional integer. This is the default level set when a social provider user logins.

userCreditAssignment

optional integer. The default is -1, which means infinite credit usage. The

groups

optional string. A comma seperated list of group ids to assign new users to when they login to using a social provider.

user_type

optional string. A default user license type.

property properties

returns the social providers configurations

MetadataManager

class arcgis.gis.admin.MetadataManager(gis)

Provides Administrators an Easy value to enable, update and disable metadata settings on a Web GIS Site (Enterprise or ArcGIS Online)

disable()

This operation turns off metadata for items.

Returns

boolean

enable(metadata_format='arcgis')

This operation turns on metadata for items and allows the administrator to set the default metadata scheme.

Parameter

Description

metadata_format

Required string. Sets the default metadata format. The allowed values are: inspire,iso19139-3.2,fgdc,iso19139,arcgis, or iso19115

Returns

boolean

property is_enabled

returns boolean to show if metadata is enable on a GIS

update(metadata_format='arcgis')

This operation allows administrators to update the current metdata properties.

Parameter

Description

metadata_format

Required string. Sets the default metadata format. The allowed values are: inspire,iso19139-3.2,fgdc,iso19139,arcgis, or iso19115

Returns

boolean