AGOL Helper Documentation

Comprehensive guide to data governance for ArcGIS Online

Quick Navigation

Getting Started Features Guide Security & Risk API Reference

Getting Started

1. Organization Setup

Prerequisites

  • • ArcGIS Online organization with administrator privileges
  • • Access to create OAuth applications in your AGOL portal
  • • Modern web browser (Chrome, Firefox, Safari, Edge)

Step 1: Register Your AGOL Application

  1. Log into your ArcGIS Online organization as an administrator
  2. Navigate to Organization → Settings → App Registration
  3. Click "Add Application" and select "Web Application"
  4. Fill in the application details:
    • Name: AGOL Helper
    • Redirect URI: [your-domain]/auth/callback
    • Privileges: Enable all required permissions
  5. Save the application and copy the Client ID and Client Secret

Step 2: Configure AGOL Helper

  1. Access AGOL Helper and enter your organization prefix
  2. Complete the organization registration form with:
    • Organization name and contact information
    • Client ID and Client Secret from step 1
    • Redirect URI (auto-populated)
  3. Test the connection by logging in with your AGOL credentials

Step 3: Initial Data Sync

  1. Navigate to the Audit Dashboard
  2. Click "Sync Data" to import your organization's content
  3. Wait for the sync to complete (typically 2-5 minutes)
  4. Review the summary statistics and initial security assessments

Features Guide

Version Management

Professional version control for your ArcGIS Online content.

Key Features:

  • Create branches for experimental changes
  • Compare versions side-by-side
  • Merge approved changes back to main
  • Rollback to previous versions
  • Automated change detection

How to Use:

  1. Select a web map from the dashboard
  2. Click "Create Branch" for experimental changes
  3. Make changes in ArcGIS Online
  4. Use "Compare" to review differences
  5. Merge or delete branches as needed

Audit Dashboard

Comprehensive analytics and governance insights.

Key Features:

  • Content inventory and metadata
  • User permission analysis
  • Security risk scoring
  • Sharing violation detection
  • Orphaned content identification

How to Use:

  1. Navigate to "Audit Dashboard"
  2. Click "Sync Data" to refresh content
  3. Review summary statistics
  4. Use filters to analyze specific content
  5. Export reports for compliance

User Permissions

Analyze user roles, permissions, and activity patterns.

Key Features:

  • Role distribution analysis
  • Inactive user identification
  • Power user detection
  • Permission compliance checking
  • Access pattern monitoring

Tabs Available:

  • Role Distribution: User count by role
  • Sharing Violations: Policy violations
  • Orphaned Content: Content from inactive users
  • Inactive Users: Users with no recent activity
  • Power Users: High-activity content creators

Bulk Editor

Efficiently manage multiple items simultaneously.

Key Features:

  • Batch metadata updates
  • Tag management
  • Access level changes
  • Ownership transfer
  • Bulk deletion operations

How to Use:

  1. Navigate to "Bulk Editor"
  2. Use filters to select target items
  3. Choose the operation to perform
  4. Review changes before applying
  5. Execute bulk operation

Security & Risk Assessment

Security Risk Scoring System

AGOL Helper employs a comprehensive risk scoring algorithm that evaluates content based on multiple security factors:

High Risk (70-100)

  • • Public content by non-admins
  • • Shared with everyone
  • • Contains sensitive data
  • • Stale content (>1 year)
  • • Multiple risk factors

Medium Risk (40-69)

  • • Organization-wide sharing
  • • Moderately stale (6-12 months)
  • • Shared with external groups
  • • Incomplete metadata
  • • Some governance issues

Low Risk (0-39)

  • • Private or group-only sharing
  • • Recently updated
  • • Complete metadata
  • • Proper access controls
  • • Compliance with policies

Risk Factors Explained

Access Level Risk

Content sharing patterns that may expose data inappropriately:

  • Public: Highest risk - visible to anyone on the internet
  • Organization: Medium risk - visible to all org members
  • Groups: Lower risk - controlled access
  • Private: Lowest risk - owner access only

Content Age Risk

Older content may contain outdated or inaccurate information:

  • 0-6 months: Current and likely accurate
  • 6-12 months: Should be reviewed for accuracy
  • 1+ years: May contain outdated information
  • 2+ years: High likelihood of being stale

Owner Permissions Risk

Content owned by users without appropriate privileges:

  • Non-admin public content: Policy violation
  • Inactive user content: Orphaned resources
  • Role mismatches: Insufficient privileges

Sharing Violations

AGOL Helper automatically detects content that violates organizational sharing policies:

Common Violations

  • Public content by non-admins: Users without admin privileges sharing content publicly
  • Oversharing: Content shared more broadly than necessary
  • External sharing: Content shared outside the organization inappropriately
  • Role violations: Users sharing beyond their role permissions

API Reference

REST Endpoints

Audit & Analytics

GET /audit/analytics

Retrieve organization analytics and summary statistics.

Response: JSON with content counts, risk distribution, and ownership data
GET /audit/items

Get paginated list of organization items with filtering.

Parameters: page, per_page, search, type, access, risk, owner
POST /audit/sync

Trigger a data synchronization with ArcGIS Online.

Response: Sync status and processed item count
GET /audit/user-permissions

Analyze user permissions and sharing patterns.

Response: User roles, violations, orphaned content, and activity data

Data Export

GET /audit/export/filtered

Export filtered item data as CSV.

Parameters: Same filtering options as /audit/items
GET /audit/export/user-permissions

Export comprehensive user permissions report as CSV.

Content: User summary, sharing violations, orphaned content, inactive users

Version Control

POST /webmap/{id}/create-version

Create a new version snapshot of a web map.

GET /webmap/{id}/compare/{version1}/{version2}

Compare two versions of a web map.

POST /webmap/{main_id}/merge/{branch_id}

Merge changes from a branch back to the main web map.

Authentication

All API endpoints require valid session authentication. Users must be logged in through the AGOL OAuth flow.

Rate Limiting

API endpoints are rate-limited to prevent abuse. Sync operations are limited to once per minute per organization. Export operations are limited to 10 requests per hour per user.

Troubleshooting

Common Issues

Authentication Problems

Issue: "Invalid Client ID or Secret"

Solution: Verify your AGOL app registration settings and ensure the Client ID and Secret are correct.

Issue: "Redirect URI Mismatch"

Solution: Ensure the redirect URI in your AGOL app matches exactly: [your-domain]/auth/callback

Sync Issues

Issue: "Sync Taking Too Long"

Solution: Large organizations may take 5-10 minutes. Check your network connection and AGOL API limits.

Issue: "No Data After Sync"

Solution: Verify your AGOL account has permission to access organization content and user information.

Performance Issues

Issue: "Slow Dashboard Loading"

Solution: Use filters to reduce the amount of data displayed. Clear browser cache if needed.

Issue: "Export Timeout"

Solution: Use filters to reduce the dataset size before exporting. Large exports may take several minutes.

Need More Help?

If you're still experiencing issues, please visit our Support Page for additional resources and contact information.