Introduction to user authentication

User authentication is a set of authentication workflows that allow users with an ArcGIS account to sign into an application and access ArcGIS content, services, and resources. The typical authentication protocol used is OAuth 2.0. When a user signs into an application with their ArcGIS account, an access token is generated that authorizes the application to access services and content on their behalf. The resources and functionality available depend on the user type, roles, and privileges of the user's ArcGIS account. This authentication type was previously known as Named user login and ArcGIS identity.

User authentication provides access to secure ArcGIS services and content on behalf of a user. It offers several advantages over other types of authentication:

Supports the secure OAuth 2.0 authorization_code flow.
Grants access to all services available to a user, including portal services and spatial analysis services.
Bills usage to user's accounts, rather than the developer's account.

How user authentication works

The generic user authentication workflow. To view concrete examples, go to User authentication flows

The typical steps to implement user authentication are as follows:

Create a set of OAuth credentials in your portal and set a redirect URL.
Paste the client_id and redirect URL from your OAuth credentials into your application.
Use an ArcGIS Maps SDK or API to create an authentication manager class and prompt users to sign in.
Once authenticated, access the secure resources available to the signed-in user in your application.

OAuth credentials

OAuth credentials are an item used to support authentication workflows. They are required to implement user authentication and app authentication using OAuth 2.0 workflows.

User authentication flows

There are six different workflows that can be used to implement user authentication:

The flow you use will vary based on the type of application you build and client API you select.

Examples

ArcGIS APIs

If you are using one of the ArcGIS Maps SDKs, refer to that SDK's Access services with OAuth credentials tutorial to implement user authentication in your app:

After you complete the OAuth 2.0 authorization process, you receive a token credential to use when accessing any content or services to which the authorized user has access. In ArcGIS Maps SDKs, the AuthenticationManager and IdentityManager classes automatically use a token credential to securely access resources, requiring no additional actions from you.

Non-ArcGIS APIs

It is possible to implement ArcGIS user authentication with non-ArcGIS APIs, however you remain responsible to obtain, manage, and secure user credentials as a part of your application. For this method, you must implement the appropriate authentication flow for your application. The following OAuth 2.0 flows are recommended:

Tutorials

Create OAuth credentials for user authentication

Create and configure OAuth credentials to set up user authentication.

ArcGIS portal

Sign in with user authentication

Create an application that requires users to sign in with an ArcGIS account.

JavaScript Maps SDK .NET Maps SDK Kotlin Maps SDK Swift Maps SDK Java Maps SDK Qt Maps SDK REST JS (Server)REST JS (Browser)

API support

	User authentication
ArcGIS Maps SDK for JavaScript
ArcGIS Maps SDK for .NET
ArcGIS Maps SDK for Kotlin
ArcGIS Maps SDK for Swift
ArcGIS Maps SDK for Java
ArcGIS Maps SDK for Qt
ArcGIS API for Python
ArcGIS REST JS
Esri Leaflet	¹
MapLibre GL JS	¹
OpenLayers	¹
CesiumJS	¹

Full supportPartial supportNo support

1. Supported via ArcGIS REST JS