How to use authentication

ArcGIS uses token-based authentication. All service requests made to secure resources must include an access token for authorization.

The general steps to implement authentication in your application are:

1. Create developer credentials

The first step in authentication is to create a set of developer credentials. Developer credentials contain the properties and values required to get an access token, and allow you to configure the privileges of the token to define the services and items it can access.

API key authentication requires a set of API key credentials.

ArcGIS Location Platform

ArcGIS Online

ArcGIS Enterprise

The steps to create API key credentials with an ArcGIS Location Platform account are:

Sign in to your ArcGIS portal.
Click Content > My content > New item and select Developer credentials.
In the Credential types menu, select API key credentials.
Set the credential privileges to determine the operations your access token will be authorized to perform.
Set the credential item access privileges to determine the items your access token will be authorized to access.
Review your selections and, when you are ready, click Generate token. Save the access token as you will not be able to view it again.

The steps to create API key credentials with an ArcGIS Online account are:

Sign in to your ArcGIS portal.
Click Content > My content > New item and select Developer credentials.
In the Credential types menu, select API key credentials. If your account does not have the Generate API keys privilege, this menu will not appear.
Set the credential privileges to determine the operations your access token will be authorized to perform.
Set the credential item access privileges to determine the items your access token will be authorized to access.
Review your selections and, when you are ready, click Generate token. Save the access token as you will not be able to view it again.

The steps to create API key credentials with an ArcGIS Enterprise account are:

API key authentication is not supported in ArcGIS Enterprise versions prior to 11.4.

Sign in to your ArcGIS portal.
Click Content > My content > New item and select Developer credentials.
In the Credential types menu, select API key credentials. If your account does not have the Generate API keys privilege, this menu will not appear.
Set the credential privileges to determine the operations your access token will be authorized to perform.
Set the credential item access privileges to determine the items your access token will be authorized to access.
Review your selections and, when you are ready, click Generate token. Save the access token as you will not be able to view it again.

User authentication requires a set of OAuth credentials.

ArcGIS Location Platform

ArcGIS Online

ArcGIS Enterprise

The steps to create OAuth credentials with an ArcGIS Location Platform account are:

Sign in to your ArcGIS portal.
Click Content > My content > New item and select Developer credentials.
In the Credential types menu, select OAuth credentials.
Add a redirect URL and click Next.
In the Privileges and Grant item access menus, click Next; these are not required for user authentication.
Name the credentials and click Next to review. When you are ready to create the credentials, click Create.

The steps to create OAuth credentials with an ArcGIS Online account are:

Sign in to your ArcGIS portal.
Click Content > My content > New item and select Developer credentials.
If your account has the Generate API keys privilege, you will see the Credential types menu. If this menu appears, select OAuth credentials.
Add a redirect URL and click Next.
If your account has the Assign privileges to OAuth 2.0 applications privilege, you will see additional menus titled Privileges and Grant item access. Click Next; these are not required for user authentication.
Name the credentials and click Next to review. When you are ready to create the credentials, click Create.

The steps to create OAuth credentials with an ArcGIS Enterprise account are:

Sign in to your ArcGIS portal.
Click Content > My content > New item and select Developer credentials.
Add a redirect URL and click Next.
Name the credentials and click Save to create them.

Sign in to your ArcGIS portal.
Click Content > My content > New item and select Developer credentials.
If your account has the Generate API keys privilege, you will see the Credential types menu. If this menu appears, select OAuth credentials.
Add a redirect URL and click Next.
If your account has the Assign privileges to OAuth 2.0 applications privilege, you will see additional menus titled Privileges and Grant item access. Click Next; these are not required for user authentication.
Name the credentials and click Next to review. When you are ready to create the credentials, click Create.

App authentication requires a set of OAuth credentials.

ArcGIS Location Platform

ArcGIS Online

ArcGIS Enterprise

The steps to create OAuth credentials with an ArcGIS Location Platform account are:

Sign in to your ArcGIS portal.
Click Content > My content > New item and select Developer credentials.
In the Credential types menu, select OAuth credentials.
Add a redirect URL and click Next. This URL is required during creation, but will not be used in app authentication.
Set the credential privileges to determine the operations your access tokens will be authorized to perform.
Set the credential item access privileges to determine the items your access tokens will be authorized to access.
Review your selections and, when you are ready, click Generate credentials.

The steps to create OAuth credentials with an ArcGIS Online account are:

Sign in to your ArcGIS portal.
Click Content > My content > New item and select Developer credentials.
If your account has the Generate API keys privilege, you will see the Credential types menu. If this menu appears, select OAuth credentials.
Add a redirect URL and click Next. This URL is required during creation, but will not be used in app authentication.
Set the credential privileges to determine the operations your access tokens will be authorized to perform.
Set the credential item access privileges to determine the items your access tokens will be authorized to access.
Review your selections and, when you are ready, click Generate credentials.

The steps to create OAuth credentials with an ArcGIS Enterprise account are:

Sign in to your ArcGIS portal.
Click Content > My content > New item and select Developer credentials.
Add a redirect URL and click Next. This URL is required during creation, but will not be used in app authentication.
Name your credentials and click Save to create them.

Setting privileges or item access on OAuth credentials is not supported in ArcGIS Enterprise versions prior to 11.4.

Sign in to your ArcGIS portal.
Click Content > My content > New item and select Developer credentials.
If your account has the Generate API keys privilege, you will see the Credential types menu. If this menu appears, select OAuth credentials.
Add a redirect URL and click Next. This URL is required during creation, but will not be used in app authentication.
Set the credential privileges to determine the operations your access tokens will be authorized to perform.
Set the credential item access privileges to determine the items your access tokens will be authorized to access.
Review your selections and, when you are ready, click Generate credentials.

2. Get an access token

The next step is to get an access token by implementing a type of authentication. The implementation details depend on the type of authentication you choose:

API key authentication flow

The API key authentication workflow

3. Make a request

Once you have an access token, you can use it in your application to make requests to secure resources.

Mapping APIs

Display a basemap

If you use API key authentication with an ArcGIS API, the API key value is typically set once when the application is initialized and is applied every time a service request is made.

The examples below show how to use an API key to access the basemap styles service.

ArcGIS Maps SDK for JavaScript

ArcGIS Maps SDK for .NET

ArcGIS Maps SDK for Kotlin

ArcGIS Maps SDK for Swift

ArcGIS Maps SDK for Java

ArcGIS Maps SDK for Qt

ArcGIS API for Python

Esri Leaflet

MapLibre GL JS

OpenLayers

Expand

Use dark colors for code blocks

Copy

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
      esriConfig.apiKey= "YOUR_ACCESS_TOKEN";
      const map = new Map({
        basemap: "arcgis/topographic" // Basemap layer
      });

      const view = new MapView({
        map: map,
        center: [-118.805, 34.027],
        zoom: 13, // scale: 72223.819286
        container: "viewDiv",
        constraints: {
          snapToZoom: false
        }
      });

Expand

Go to tutorial

If you use user authentication with an ArcGIS Maps SDK, the AuthenticationManager or IdentityManager classes automatically handle authentication with the access token, requiring no additional action from you.

The examples below show how to display a map in apps that implement user authentication.

ArcGIS Maps SDK for JavaScript

ArcGIS Maps SDK for .NET

ArcGIS Maps SDK for Kotlin

ArcGIS Maps SDK for Swift

ArcGIS Maps SDK for Qt

Expand
Use dark colors for code blocksCopy
        function handleSignedIn() {

            map = new Map({
                basemap: "arcgis/topographic" // basemap styles service
            });
            const view = new MapView({
                map: map,
                center: [-118.805, 34.027], // Longitude, latitude
                zoom: 13, // Zoom level
                container: "viewDiv" // Div element
            });

        }
Expand
Go to tutorial

If you use app authentication, the access token returned from the /oauth2/token endpoint can be used directly in requests.

The examples below show how to display a map using an access token.

ArcGIS Maps SDK for JavaScript

ArcGIS Maps SDK for .NET

ArcGIS Maps SDK for Kotlin

ArcGIS Maps SDK for Swift

ArcGIS Maps SDK for Java

ArcGIS Maps SDK for Qt

ArcGIS API for Python

Esri Leaflet

MapLibre GL JS

OpenLayers

Use dark colors for code blocksCopy
      esriConfig.apiKey= "YOUR_ACCESS_TOKEN";
      const map = new Map({
        basemap: "arcgis/topographic" // Basemap layer
      });

      const view = new MapView({
        map: map,
        center: [-118.805, 34.027],
        zoom: 13, // scale: 72223.819286
        container: "viewDiv",
        constraints: {
          snapToZoom: false
        }
      });

ArcGIS REST APIs

Access tokens returned from all three types of authentication can be used in REST API requests. To make a direct request to ArcGIS resources, you can use an HTTP request and include the access token as the token parameter. The format to access most REST API endpoints is as follows:

Use dark colors for code blocksCopy
https://<RESOURCE_URL>?token=<YOUR_ACCESS_TOKEN>

Geocode an address

This example shows how to authenticate a request to the geocoding service.

cURL

HTTP

Use dark colors for code blocks

Copy

1
2
3
4
curl https://geocode-api.arcgis.com/arcgis/rest/services/World/GeocodeServer/findAddressCandidates \
-d "f=pjson" \
-d "address=1600 Pennsylvania Ave NW, DC" \
-d "token=<YOUR_ACCESS_TOKEN>"

Go to topic

Use dark colors for code blocksCopy
{
    "spatialReference": {
      "wkid": 4326,
      "latestWkid": 4326
    },
    "candidates": [
      {
        "address": "1600 Pennsylvania Ave NW, Washington, District of Columbia, 20500",
        "location": {
          "x": -77.036548499999995,
Expand

Get item details

This example shows how to authenticate to get the details of an item from your organization's portal service.

cURL

HTTP

Use dark colors for code blocks

Copy

1
2
3
curl https://www.arcgis.com/sharing/rest/content/items/<ITEM_ID> \
-d 'f=pjson' \
-d 'token=<YOUR_ACCESS_TOKEN>'

Go to topic

Use dark colors for code blocksCopy
{
    "id": "ITEM_ID",
    "owner": "OWNER",
    "orgId": "ORG_ID",
    "created": "DATE_CREATED",
    "modified": "DATE_MODIFIED",
    "guid": null,
    "name": null,
    "title": "ITEM_TITLE",
    "type": "ITEM_TYPE"
Expand

Tutorials

Create an API key

Create and configure API key credentials to get a long-lived API key access token.

ArcGIS portal

Sign in with user authentication

Create an application that requires users to sign in with an ArcGIS account.

JavaScript Maps SDK .NET Maps SDK Kotlin Maps SDK Swift Maps SDK Java Maps SDK Qt Maps SDK REST JS (Server)REST JS (Browser)

Create OAuth credentials for app authentication

Create and configure OAuth credentials to set up app authentication.

ArcGIS portal

How to use authentication

1. Create developer credentials

2. Get an access token

3. Use the access token

1. Create developer credentials

2. Get an access token

3. Make a request

Mapping APIs

Display a basemap

ArcGIS REST APIs

Geocode an address

Get item details

Tutorials

Create an API key

Sign in with user authentication

Create OAuth credentials for app authentication