Exporting the ArcGIS token service

The Exporting Token Service option on the Security panel provides you with an ability to export the token service application as a Web application. You can deploy the exported token service to a centralized application server that is accessible to all your ArcGIS Server instances.

You can configure the token service to look up user and role information from the configured security store, or you can set up a new security store configuration for this exported token service. You also need to enter a shared key that will be used to encrypt/decrypt the token generated by the token service and the short-lived (default) and long-lived (maximum) token expiration times.

For more information on the token service, see Tokens and token services.

When Export is clicked on the Export Token Service page, Manager generates a .war file that can be deployed to any of the supported Web application servers.

Securely deploying a token service

When deploying a token service application in an application container (Web server), you need to make sure that Secure Sockets Layer (SSL) is enabled on the application container. Users must consume your token service over HTTPS (secure HTTP). SSL technology allows clients and Web servers to communicate over a secure channel. When the channel is secured using SSL, data sent over it is encrypted.

When fetching tokens from the token service, you need to send your user name and password. To avoid any sniffing of plain-text password fields over the wire, it is recommended that you use the token service through an SSL connection.

For more information on setting up SSL for your application server, please refer to your application server's documentation.