- URL:
- https://[root]/generateToken
- Methods:
POST
Example usage
The following is a sample ArcGIS Enterprise POST request for the generate
operation. For more examples, see the Additional example usage section below.
POST /webadaptor/sharing/rest/generateToken HTTP/1.1
Host: machine.domain.com
Content-Type: application/x-www-form-urlencoded
Content-Length: []
username=admin&password=test1234&client=referer&ip=&referer=https://myserver/mywebapp&expiration=60&f=pjson
Description
Organizations that choose to implement higher levels of security for their organizations can set the all
setting to true for their organization or portal. The effect of setting all
to true is that all non-HTTPS requests for resources belonging to the organization will be rejected. Setting all
to true guarantees that all transmissions of access tokens as well as data between clients and servers is over a secure encrypted channel and provides protection to tokens and data in transit. When generate
is called for a user in such an organization, it returns a response property of ssl
as true
, and the token must always be passed back via HTTPS to the portal.
The call is only allowed over HTTPS.
Request parameters
Parameter | Details |
---|---|
| The case-sensitive username of the user who wants to get a token. Example
|
| The password of the user who wants to get a token. Example
|
| The client type that will be granted access to the token. Users will be able to specify whether the token will be generated for a client application's base URL, a user-specified IP address, or the IP address that is making the request. Values: |
| The IP address that will be using the created token for access. On the Generate Token page, the IP address is specified in the IP Address field. This is required when Example
|
| The base URL of the client application that will use the token. On the Generate Token page, the referer URL is specified in the Webapp URL field. This is required when Example
|
| The token expiration time in minutes. The default is 60 minutes (one hour). The maximum expiration period is 15 days. The maximum value of the expiration time is controlled by the server. Requests for tokens larger than this time will be rejected. Applications are responsible for renewing expired tokens; expired tokens will be rejected by the server on subsequent requests that use the token. Example
|
| Portal token generated in exchange for user credentials for use by clients working with a federated server. This parameter is required only when generating a server-token. User name, password, client, referer, and expiration parameters are not required for generating a server-token. The referer and expiration time of the portal token will be applied to the server-token.
|
| URL of a federated server for which a server-token needs to be generated. A server-token will be returned only if the Example
|
| The response format. The default response format is Values: |
Response properties
Property | Details |
---|---|
| The generated token. Example
|
| The expiration time of the token in milliseconds since January 1, 1970 (UTC). Example
|
| This property will show as Values: |
Additional example usage
The examples below illustrate three ways in which users can generate tokens with this operation.
Example one: IP address
The following example demonstrates how an ArcGIS Enterprise user can generate a token with a user-specified IP address:
POST /webadaptor/sharing/rest/generateToken HTTP/1.1
Host: machine.domain.com
Content-Type: application/x-www-form-urlencoded
Content-Length: []
username=admin&password=test1234&client=ip&ip=11.11.111.111&referer=&expiration=60&f=json
Example two: Referer
The following example demonstrates how an ArcGIS Enterprise user can generate a token with a client application's base URL:
POST /webadaptor/sharing/rest/generateToken HTTP/1.1
Host: machine.domain.com
Content-Type: application/x-www-form-urlencoded
Content-Length: []
username=admin&password=test1234&client=referer&ip=&referer=https://myserver/mywebapp&expiration=60&f=json
Example three: Request IP
The final example demonstrates how an ArcGIS Enterprise user can generate a token with the IP address that is performing the Generate Token request:
POST /webadaptor/sharing/rest/generateToken HTTP/1.1
Host: machine.domain.com
Content-Type: application/x-www-form-urlencoded
Content-Length: []
username=admin&password=test1234&client=requestip&ip=&referer=&expiration=60&f=json
JSON Response syntax
{
"token": "<token generated>",
"expires": <date shown in UNIX time>,
"ssl": false | true
}
JSON Response example
{
"token": "6hrFDATxrG9w14QY9wwnmVhLE0Wg6LIvwOwUaxz761m1JfRp4rs8Mzozk5xhSkw0_MQz6bpcJnrFUDwp5lPPFC157dHxbkKlDiQ9XY3ZIP8zAGCsS8ruN2uKjIaIargX",
"expires": 1582930261424,
"ssl": true
}