You can configure your portal to register ArcGIS organizational accounts automatically for organization-specific users the first time they access the portal, or you can block automatic account registration. Once you set a default role and user type for new accounts from the portal, you can enable automatic account creation.
If automatic account creation is turned off, organization-specific users that are not members of your portal are treated as anonymous users. These users can still access the portal if anonymous access is allowed, and they will have the same privileges as a user who does not have an ArcGIS organizational account. If you want them to have more privileges, you must add them as members to your portal.
By default, automatic account registration is disabled in the organization. To enable automatic account registration, and administrator must define the default user type and role for new members. The workflow to enable or disable this feature is dependent on the authentication method used by the organization:
- SAML and OpenID authentication—When configuring these methods, the option can be enabled or disabled in the organization settings.
- Portal-tier and web-tier authentication—When configuring these methods, the option can be enabled or disabled using the ArcGIS Portal Administrator Directory.
Note:
Automatically adding organization-specific accounts to your portal can result in a rapid increase of ArcGIS organizational accounts in your portal. Refer to the organization page of the portal to monitor the maximum number of members allowed in your organization. Be aware that when automatic registration is enabled, organization-specific accounts will be added as members of your organization, not only when they browse to your portal, but also when they look at embedded web maps from your portal or look at a web map or web app from a link.
Enable automatic account creation in your organization settings
To enable automatic account creation in your organization settings, follow the steps below.
- Sign into your portal as an administrator.
- Click Organization > Settings > Security.
- In the Logins section, click New SAML login or New Open ID connect login.
- If you selected New SAML login, choose your configuration and click Next.
- In Specify properties, set Your users will be able to join: to Automatically.
- If you selected New Open ID connect login, set Let new members join to Automatically.
- Click Save.
Enable automatic account creation in the Portal Administrator Directory
Registration behavior is controlled by the enableAutomaticAccountCreation setting in the Portal Administrator Directory. You must set a default user type in the portal to enable automatic account creation.
- Sign in to the Portal Administrator Directory as an administrator of your organization.
The URL is in the format https://webadaptorhost.domain.com/webadaptorname/portaladmin.
- Click Security > Config > Update Security Configuration.
- Edit the configuration JSON, setting enableAutomaticAccountCreation to either true, if you want accounts registered automatically for organization-specific users, or false, if you want to add organization-specific user accounts manually, for example, "enableAutomaticAccountCreation": "true".
For information on adding organization-specific accounts manually, see Add members to your portal.