Steps to secure ArcGIS Server REST Endpoints

These are the steps to secure ArcGIS Server REST Endpoints

1.      Go to ArcGIS Manager. Go the services you want to secure and click on the 'Lock' icon to Lock it. This will lock the application.

2.      Download the 'DotNet' proxy folder from ESRI github (https://github.com/esri/resource-proxy/) and install it in the wwwroot folder.

3.      Inside this 'DotNet' folder edit the proxy.config file add an entry like shown here.

<serverUrl url="http://localhost:6080/arcgis/rest/services" matchAll="true" username="<ArcGIS Site Username>" password="<ArcGIS Site Password>"/>

4.      Perform a ping operation like shown here and make sure you are getting results. If not double-check the above steps.

https://<Server Domain Name>/dotnet/proxy.ashx?ping

The reply should be like this.

{ "Proxy Version": "1.1.2", "Configuration File": "OK", "Log File": "Not Exist/Readable"}

5.      Now the site is secure and the proxy is ready for communication.

6.      In your JavaScript API code. Add these lines in the beginning.

        urlUtils.addProxyRule({

            urlPrefix: "https://<Server Domain Name>",

            proxyUrl: "https://<Server Domain Name>/DotNet/proxy.ashx"

        });

7.      Now all your JavaScript REST endpoint calls will go through proxy and your services will remain protected.

Happy Coding !