Authentication
In order to authenticate with Nearmap, you will need to register the widget with your Nearmap MyAccount at: https://apps.nearmap.com/account/integrations/widgets. The registration occurs via the widget setup wizard process once widgets have been provisioned in Nearmap MyAccount.
NOTE: Registration can only be commenced through the widget setup wizard.
NOTE: If you do not have access to Widgets, please contact your Nearmap Account Manager.
IMPORTANT: The authentication approach requires Nearmap systems to communicate with the ArcGIS instance to verify tokens. The server doesn’t need to be fully public (accessible from any IP address), but it must be accessible from Nearmap’s IP addresses even if the server is behind a firewall.
Configuration Requirements
ArcGIS Enterprise Configure security settings (ArcGIS 11.3)
NOTE: Different versions can be selected in Other versions dropdown list. For more information about configuring security settings, refer to this article - Configure security settings on the Esri website.
- Log in to your ArcGIS Enterprise Portal. Confirm that you are signed in as a default administrator or as a member of a custom role with administrative privileges to manage security and infrastructure.
- In the Portal, click Organization and click the Settings tab.
- Click Security.
- In Access and permissions ensure HTTPS is Enabled.
- In Trusted Servers, add the following Nearmap IP addresses to the list of trusted servers:
• 54.160.92.119/32
• 3.219.245.127/32
• 52.71.223.124/32
• 52.8.127.201
NOTE: Ensure you add the Nearmap widget URL to the allowlist in ArcGIS Enterprise.
Handling Network Restrictions
If your ArcGIS Enterprise server is behind a firewall, within a Virtual Private Cloud (VPC), or has other network restrictions that might block communication with Nearmap, follow these additional steps to ensure connectivity.
Firewall Configuration
- Ensure that your firewall rules allow outbound and inbound HTTPS traffic to and from the Nearmap IP addresses listed above.
- If using an inbound firewall, allow incoming traffic from Nearmap IP addresses. You can obtain these IP addresses from Nearmap support.
VPC Configuration
- If your ArcGIS Enterprise is hosted within a VPC, configure the VPC security groups and network Access Control Lists (ACLs) to allow outbound and inbound traffic to
https://apps.nearmap.com and the Nearmap IP addresses listed above. - Ensure that any necessary Network Address Translation (NAT) gateways or proxies are correctly configured to handle traffic to and from Nearmap.
Proxy Server Configuration
If your network uses a proxy server, configure the proxy settings to allow traffic to https://apps.nearmap.com and the Nearmap IP addresses listed above.
Update the proxy settings in your ArcGIS Server configuration if necessary.
Testing Connectivity
Use the curl command to test connectivity from your ArcGIS server to Nearmap. This can help ensure that the necessary network routes are open.
Example curl command: curl -I --header "Origin: https://apps.nearmap.com" https://<your-arcgis-server-url>/portal/sh
This will provide detailed information about the request and response, including headers and status codes.
Monitoring and Logging
- Check the ArcGIS Server logs for any errors or warnings related to connectivity issues.
- Monitor firewall and proxy logs to ensure that traffic is being correctly routed and not blocked.
Documentation
- Keep detailed documentation of all configurations made for future reference and troubleshooting.
- Note any specific IP addresses, ports, or domains that were configured.
Contact Support
If issues persist, contact Nearmap support for assistance in troubleshooting and ensuring that all necessary configurations are in place.