How to implement app authentication

This topic outlines the high-level steps of how to implement app authentication.

1. Create OAuth credentials

App authentication requires a set of OAuth credentials.

The steps to create OAuth credentials with an ArcGIS Location Platform account are:

  1. Sign in to your ArcGIS portal.

  2. Click Content > My content > New item and select Developer credentials.

  3. In the Credential types menu, select OAuth credentials.

  4. Add a redirect URL and click Next. This URL is required during creation, but will not be used in app authentication.

  5. Set the credential privileges to determine the operations your access tokens will be authorized to perform.

  6. Set the credential item access privileges to determine the items your access tokens will be authorized to access.

  7. Review your selections and, when you are ready, click Generate credentials.

2. Implement a client credentials flow

The client credentials flow
The client credentials authorization flow

App authentication uses an OAuth 2.0 authorization flow with a grant type of client_credentials. This involves making a request to the token endpoint with a client_id and client_secret from OAuth credentials. The high-level steps to implement this flow are as follows:

  1. Paste the client_id and client_secret from a set of OAuth credentials into your application.

  2. Submit a POST request to the token endpoint, either directly or through a helper class provided by an ArcGIS API.

  3. Use the access token returned in the response. If you made the request on a server, you can now send the access token to your client application.

ArcGIS APIs

ArcGIS REST JS provides an ApplicationCredentialsManager class that can be used to implement app authentication.

Use dark colors for code blocksCopy
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
import { ApplicationCredentialsManager } from "@esri/arcgis-rest-request";
import { geocode } from "@esri/arcgis-rest-geocoding";

const appManager = ApplicationCredentialsManager.fromCredentials({
  clientId: "YOUR_CLIENT_ID",
  clientSecret: "YOUR_CLIENT_SECRET"
});

appManager.refreshToken().then((manager) => {

Server-side examples

The following examples show how to set up a web server that implements app authentication and passes the resulting access token to a client application.

3. Make a request

Implementing app authentication successfully will grant an access token to your application when it requests one. The access token will have privileges defined by the OAuth credentials used to supply the client_id and client_secret.

ArcGIS APIs and SDKs

If you use app authentication, the access token returned from the /oauth2/token endpoint can be used directly in requests.

The examples below show how to display a map using an access token.

ArcGIS Maps SDK for JavaScriptArcGIS Maps SDK for JavaScriptArcGIS Maps SDK for .NETArcGIS Maps SDK for KotlinArcGIS Maps SDK for SwiftArcGIS Maps SDK for JavaArcGIS Maps SDK for QtArcGIS API for PythonEsri LeafletMapLibre GL JSOpenLayers
Use dark colors for code blocksCopy
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
      esriConfig.apiKey= "YOUR_ACCESS_TOKEN";
      const map = new Map({
        basemap: "arcgis/topographic" // Basemap layer
      });

      const view = new MapView({
        map: map,
        center: [-118.805, 34.027],
        zoom: 13, // scale: 72223.819286
        container: "viewDiv",
        constraints: {
          snapToZoom: false
        }
      });

ArcGIS REST APIs

Your application can also include the access token in requests to REST APIs by setting the token parameter.

This example shows how to geocode an address with the geocoding service.

cURLcURLHTTP
Use dark colors for code blocksCopy
1
2
3
4
curl https://geocode-api.arcgis.com/arcgis/rest/services/World/GeocodeServer/findAddressCandidates \
-d "f=pjson" \
-d "address=1600 Pennsylvania Ave NW, DC" \
-d "token=<YOUR_ACCESS_TOKEN>"

Tutorials

Create OAuth credentials for app authentication

Create and configure OAuth credentials to set up app authentication.


Your browser is no longer supported. Please upgrade your browser for the best experience. See our browser deprecation post for more details.