Home / , , / Geovonic Connect – Prerequisites

Geovonic Connect – Prerequisites

This article describes the prerequisites required for using Geovonic Connect. The requirements are slightly different depending on whether you are using ArcGIS Online or ArcGIS Enterprise in your organisation.

ArcGIS Enterprise

1) Access Rights

When setting up Geovonic Connect, the first user must be an CREATOR for the ArcGIS Enterprise organisation. Non-administrators will not be able to setup Geovonic Connect. Additional Geovonic Connect admins can be added later by adding them to an ArcGIS Enterprise user group.

2) Firewall Access

If your ArcGIS Enterprise is not available on the internet, the Geovonic Connect server will need to be given special access to your environment. There are a couple of options for this: –

  • [PREFERRED] Install and run the Geovonic Relay Service.The relay service runs as an agent to initiate a connection from inside the network to the Geovonic Connect server. This is a common model for providing secure access between SaaS applications and business systems running inside the firewall.Refer to this help article for installing the Geovonic Relay Service.
  • [ALTERNATE] Open up access to your network from the Geovonic servers.
    You will need to work with your network adminstrators to plan for this access. Some common options include IP Whitelisting and/or an API Gateway running in the DMZ.Note: The Geovonic server requires access to any business system you intend to pull data from to display alongside the map or include in reports. The Geovonic Relay Service can provide access to all internal business systems; using the alternate approach  may require network configuration for each system running inside the firewall.

3) Organization Security Settings

Some security settings on your ArcGIS Enterprise account can block access to Geovonic Connect.

  • Allow origins – Limit the web application domains that can connect via Cross-Origin Resource Sharing (CORS) to the ArcGIS REST API.If your organization restricts the domains that can connect via CORS, you must add https://connect.geovonic.com to the list of allowed origins.
    See this FAQ for more information.
  • Approved apps – Members can only sign in to external apps that are approved.If your organization limits the external apps that can be accessed, you must Geovonic Connect to the list of approved apps.
    See this FAQ for more information.
  • Widget registration – To automatically register the Geovonic Connect widget in your organisation, the user must have permissions to create an Application Extension in the portal.

ArcGIS Online

1) Access Rights

When setting up Geovonic Connect, the first user must be an CREATOR for the ArcGIS Online organisation. Non-administrators will not be able to setup Geovonic Connect. Additional Geovonic Connect admins can be added later by adding them to an ArcGIS Online user group.

2) Firewall Access

The Geovonic Connect server requires access to any business system you intend to pull data from to display alongside the map. If your business systems are not available on the internet, the Geovonic Connect server will need to be given special access to your environment. There are a couple of options for this: –

  • [PREFERRED] Install and run the Geovonic Relay Service.The relay service runs as an agent to initiate a connection from inside the network to the Geovonic Connect server. This is a common model for providing secure access between SaaS applications and business systems running inside the firewall.Refer to this help article for installing the Geovonic Relay Service.
  • [ALTERNATE] Open up access to your network from the Geovonic servers.
    You will need to work with your network adminstrators to plan for this access. Some common options include IP Whitelisting and/or an API Gateway running in the DMZ.Note: The Geovonic Relay Service can provide access to all internal business systems; using the alternate approach  may require network configuration for each system running inside the firewall.

3) Organization Security Settings

Some security settings on your ArcGIS Online account can block access to Geovonic Connect.

  • Allow origins – Limit the web application domains that can connect via Cross-Origin Resource Sharing (CORS) to the ArcGIS REST API.If your organization restricts the domains that can connect via CORS, you must add https://connect.geovonic.com to the list of allowed origins.
    See this FAQ for more information.
  • Approved apps – Members can only sign in to external apps that are approved.If your organization limits the external apps that can be accessed, you must add Geovonic Connect to the list of approved apps.
    See this FAQ for more information.