Security Providers

Security providers store and manage the users and roles that are used for security. Security providers may also provide the web page where users sign in.

The security providers that you use depend on your IT infrastructure and business needs. Different security providers are appropriate in different circumstances.

Essentials supports the following security providers:

You can use multiple security providers. You can also create custom security providers.

Example: Windows Authentication and Identity Server

This example uses two security providers: the Windows Integrated security provider and Geocortex Identity Server.

Your company has Essentials sites that employees use regularly. In addition, the company sometimes hires outside contractors who need to access one or more of the sites. Essentials is secured. You use Integrated Windows Authentication to authenticate employees, and Geocortex Identity Server to authenticate contractors. Windows Authentication and Geocortex Identity Server are the only security providers that you use.

When a contractor is hired, you create a Geocortex Identity Server user for the contractor and apply permissions to the user. You change the security provider's name to Contractors, and then give the credentials to the contractor with instructions to sign in using Geocortex Identity Server.

When the contractor launches the viewer, the contractor is presented with a list of the enabled security providers, in this case, Geocortex Identity Server and Windows Integrated (shown below). The contractor selects Geocortex Identity Server. This opens the Identity Server sign-in dialog box and performs the authentication using Identity Server.

When employees launch the viewer, they select Windows Integrated. This authenticates them using Windows users and roles.

Sign-in page where the end user selects the security provider to sign in with

Enable and Disable Security Providers

You must enable each security provider that you want to use to secure sites. Disable the providers that you do not use. The Windows Integrated and Anonymous Access security providers are enabled by default.

Having one or more security providers enabled does not secure your sites. You must also configure permissions.

To enable or disable a security provider:

  1. In Manager, click the Security & Data tab, expand the Security area in the side panel, and then click Providers.

  2. To enable a security provider, select the Allow checkbox beside the security provider.

    To disable a security provider, clear the Allow checkbox beside the security provider.

    Checkboxes to enable and disable security providers

  3. Click Apply Details.

Edit a Security Provider

If you use more than one security provider, end users select which security provider to sign in with. Editing a security provider enables you to change the security provider's name to something that is meaningful to end users. Note that you cannot change the name of the Anonymous Access security provider. End users never see this name, so there is no reason to change it.

Security providers have settings for the duration of security tokens: Access Token Duration and Refresh Token Duration. The default values for these settings are appropriate for most circumstances. Do not change these settings without first contacting Geocortex Support to discuss your needs. Make sure that you have adequate Support hours available.

To change a security provider's name:

  1. In Manager, click the Security & Data tab, expand the Security area in the side panel, and then click Providers.

  2. Click the Edit icon beside the security provider that you want to configure.

  3. In the Display Name box, enter a name that is meaningful to end users.

  4. Click OK.

  5. Click Apply Details.