Access tokens

What is an access token?

An access token is an authorization string that provides secure access to ArcGIS resources. Your app must present an access token whenever it makes an authenticated request to ArcGIS services or secure items. They define the scope of privileges available to your application, and their properties vary based on the type of authentication used to obtain them. Access tokens are always associated with an ArcGIS account, and service usage with the token will be billed to that account's ArcGIS subscription.

1
AAPTKUgfudpnh_cXrZ7wRiqGE4q0VCQENKpafTPqVh27cldNPiqORWEyVueCmI67s3ebSNEYl0Sn3IitIyf18X8PxF3N8m9ZE30i5iwGHtGfnv6-DoKA-C8-lJ9GM30s-Wxn75jLBdnQnMjIgwVXEjIoualIMSfk4IWraDv3GMV8XP3fAUA73P23Vfs-THx2QjfDNVD3iuGCqLG0udK_TVLchskcBFVbsj1PRWXGcFaKKzdPkwWMXps_4P_cZEBAZdImAT1_L1aY2CIy

You can get an access token by implementing a type of authentication in your app. Different types of authentication result in access tokens with different privileges.

Types of access tokens

There are different types of access tokens that have different durations.

Privileges for access tokens

Access tokens have different privileges depending on the method used to obtain them:

• Tokens from API key authentication and App authentication have their privileges managed by the developer credentials used to obtain them.

• Tokens from user authentication have their privileges determined by the ArcGIS account of the signed-in user.

View token information

You can retrieve information about an access token by including it in a /self request to the portal service. Set the appInfoToken parameter to the token you want to view information about (valid or not), and set the token parameter to a valid access token. Some of the returned properties include:

• Access token privileges
• Access token expiration date
• client ID of the associated developer credentials
• Item ID of the associated developer credentials
• Owner of the associated developer credentials
• ID of the associated organization

1
https://<PORTAL_URL>/self?token=<YOUR_ACCESS_TOKEN>&appInfoToken=<YOUR_ACCESS_TOKEN>&f=pjson

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
{
  "appInfo": {
    "appId": "<CREDENTIAL_CLIENT_ID>",
    "itemId": "<CREDENTIAL_ITEM_ID>",
    "appOwner": "<USERNAME_OF_OWNER>",
    "orgId": "<ORGANIZATION_ID>",
    "appTitle": "<CREDENTIAL_TITLE>",
    "privileges": [
      "premium:user:basemaps",
      "premium:user:geocode",
      "premium:user:geocode:stored",
      "premium:user:geocode:temporary",
      "premium:user:geoenrichment",
      "premium:user:networkanalysis",
      "premium:user:networkanalysis:closestfacility",
      ...
    ],
    "expirationDate": 1736711129754
  }
}

How to use an access token

You can use an access token to make a request to ArcGIS for resources. To make requests to ArcGIS services, you need to set the token parameter to include the value of the access token. If the token is authenticated successfully, the request is granted access to the operation or resource.

1
https://<LOCATION_SERVICE_URL>?token=<YOUR_ACCESS_TOKEN>

You can also make requests to ArcGIS REST APIs by using an ArcGIS Maps SDK.

Code examples

The following code examples show how to use access tokens to authenticate REST API requests to ArcGIS resources.

1
2
curl https://basemapstyles-api.arcgis.com/arcgis/rest/services/styles/v2/styles/arcgis/outdoor? \
-d "token=<YOUR_ACCESS_TOKEN>"

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
{
    "glyphs":"https://basemaps-api.arcgis.com/arcgis/rest/services/World_Basemap_v2/VectorTileServer/resources/fonts/{fontstack}/{range}.pbf?token=AAPKcc58d292d8d24415af677a38d7adbcc1vMHlBBqqnttVrFKhCQWB8nT8YPjlQs3HPY3fKeV7-__w6LuMKgmag1MubRUgaAaA",
    "layers":[
        {
            "filter":["in","_symbol",0],
            "id":"Land",
            "layout":{},
            "minzoom":0,
            "paint": {
                "fill-color": {

1
2
3
4
curl https://geocode-api.arcgis.com/arcgis/rest/services/World/GeocodeServer/findAddressCandidates \
-d "f=pjson" \
-d "address=1600 Pennsylvania Ave NW, DC" \
-d "token=<YOUR_ACCESS_TOKEN>"

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
{
    "spatialReference": {
      "wkid": 4326,
      "latestWkid": 4326
    },
    "candidates": [
      {
        "address": "1600 Pennsylvania Ave NW, Washington, District of Columbia, 20500",
        "location": {
          "x": -77.036548499999995,

1
2
3
4
5
curl https://services3.arcgis.com/GVgbJbqm8hXASVYi/arcgis/rest/services/LA_County_Parcels/FeatureServer/0/query? \
-d "where=1=1" \
-d "outFields=*" \
-d "f=json" \
-d "token=<YOUR_ACCESS_TOKEN>"

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
{
    "objectIdFieldName":"OBJECTID",
    "uniqueIdField":{"name":"OBJECTID","isSystemMaintained":true},
    "globalIdFieldName":"",
    "geometryProperties":{"shapeAreaFieldName":"Shape__Area","shapeLengthFieldName":"Shape__Length","units":"esriMeters"},
    "geometryType":"esriGeometryPolygon",
    "spatialReference":{"wkid":102100,"latestWkid":3857},
    "fields":[
        {
            "name":"OBJECTID",

1
2
3
curl https://www.arcgis.com/sharing/rest/content/items/<ITEM_ID> \
-d 'f=pjson' \
-d 'token=<YOUR_ACCESS_TOKEN>'

1
2
3
4
5
6
7
8
9
10
11
{
    "id": "ITEM_ID",
    "owner": "OWNER",
    "orgId": "ORG_ID",
    "created": "DATE_CREATED",
    "modified": "DATE_MODIFIED",
    "guid": null,
    "name": null,
    "title": "ITEM_TITLE",
    "type": "ITEM_TYPE"

Tutorials