ArcGIS REST JS includes a comprehensive set of classes for managing authentication. Each helper corresponds with one of the main types of authentication discussed in the Security and authentication guide.
The classes for each type of authentication are:
ApiKeyManagerArcGISIdentityManagerApplicationCredentialsManagerThese managers handle much of the complexity of dealing with authentication including:
To learn more about the different types of authentication, go to Types of authentication.
How authentication managers workEach authentication manager has several static methods to help construct the manager object. These static methods are the preferred way to create the manager objects and implement specific workflows and patterns.
The general workflow is:
authentication parameter.An instance of ApiKeyManager can be created with the ApiKeyManager.fromKey() method.
Use dark colors for code blocks Copy
1
2
3
import { ApiKeyManager } from "@esri/arcgis-rest-request";
const accessToken = ApiKeyManager.fromKey("YOUR_ACCESS_TOKEN");To quickly set up authentication in your application, use an API key. When using an API key, make sure that it is properly scoped to the services you are accessing.
Because of their simplicity, API keys can be passed directly to the authentication parameter.
Use dark colors for code blocks Copy
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
import { ApiKeyManager } from "@esri/arcgis-rest-request";
import { geocode } from "@esri/arcgis-rest-geocoding";
geocode({
address: "1600 Pennsylvania Ave",
postal: 20500,
countryCode: "USA",
authentication: ApiKeyManager.fromKey("YOUR_ACCESS_TOKEN") // API key scoped to access the geocoding service
});
To learn more, go to Authenticate with an API key.
ArcGIS identity managerAn instance of ArcGISIdentityManager can be created with several different methods including helper methods for OAuth 2.0 user authentication workflows.
Use dark colors for code blocks Copy
1
2
3
4
5
6
7
8
import { ArcGISIdentityManager } from "@esri/arcgis-rest-request";
ArcGISIdentityManager.beginOAuth2({
clientId: "YOUR_CLIENT_ID",
redirectUri: "YOUR_REDIRECT_URI"
}).then((manager) => {
console.log(manager);
});When your app requires access to secure resources owned by users or if you are distributing your app through ArcGIS Marketplace, you should implement user authentication with OAuth 2.0.
The ArcGIS REST JS request package includes the ArcGISIdentityManager to authenticate users with their ArcGIS Online or ArcGIS Enterprise accounts. The ArcGISIdentityManager also includes helper methods to simplify the authentication process and manage credentials once they are obtained.
Use dark colors for code blocks Copy
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
import { ArcGISIdentityManager } from "@esri/arcgis-rest-request";
// register your own app to create a unique clientId
const clientId = "abc123"
// send the user to the authorization page
ArcGISIdentityManager.beginOAuth2({
clientId,
redirectUri: 'https://yourapp.com/authenticate.html'
})
.then(authenticationManager => {
geocode({
address: "1600 Pennsylvania Ave",
postal: 20500,
countryCode: "USA",
authentication: authenticationManager
})
})After the user authorizes your application they will be taken to the page specified by the redirectUrl which should complete the OAuth 2.0 process.
Use dark colors for code blocks Copy
1
2
3
4
5
6
7
8
9
10
11
12
13
import { ArcGISIdentityManager } from "@esri/arcgis-rest-request";
const clientId = "abc123"
/**
* after the user authorizes the application they will be redirected to
* the page defined in redirectUrl which will need to complete the
* authentication process.
**/
ArcGISIdentityManager.completeOAuth2({
clientId,
redirectUri: 'https://yourapp.com/authenticate.html'
});Go to Implement user authentication (Browser) or Implement user authentication (Server)
Application credential managerThis manager is used to implement app authentication. An instance of ApplicationCredentialsManager can be created with the ApplicationCredentialsManager.fromCredentials method:
Use dark colors for code blocks Copy
1
2
3
4
5
6
7
8
9
import { ApplicationCredentialsManager } from "@esri/arcgis-rest-request";
const appManager = ApplicationCredentialsManager.fromCredentials({
clientId: "YOUR_CLIENT_ID",
clientSecret: "YOUR_CLIENT_SECRET"
});
appManager.refreshToken().then((manager) => {
console.log(manager);
});ApplicationCredentialsManager with the client ID and client secret.Use dark colors for code blocks Copy
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
import { ApplicationCredentialsManager } from "@esri/arcgis-rest-request";
import { geocode } from "@esri/arcgis-rest-geocoding";
const appManager = ApplicationCredentialsManager.fromCredentials({
clientId: "YOUR_CLIENT_ID",
clientSecret: "YOUR_CLIENT_SECRET"
});
appManager.refreshToken().then((manager) => {
geocode({
address: "1600 Pennsylvania Ave",
postal: 20500,
countryCode: "USA",
authentication: manager
})
});The authentication option on most methods accepts one of the three manager classes. Use the authentication to make a request to a service.
Use dark colors for code blocks Copy
1
2
3
4
5
6
7
8
9
10
11
import { ApiKeyManager } from "@esri/arcgis-rest-request";
import { solveRoute } from "@esri/arcgis-request-routing";
solveRoute({
stops: [
[-117.195677, 34.056383],
[-117.918976, 33.812092],
],
authentication: ApiKeyManager.fromKey("YOUR_ACCESS_TOKEN")
})
.then(response)If you have an access token from another source, you can pass it directly to the authentication option; however this is not recommended. If you directly pass an access token from user authentication or app authentication, ArcGIS REST JS will skip most of its error handling (which is a key feature), so this should be used with caution.
Use dark colors for code blocks
1
2
3
4
5
6
7
8
9
10
import { solveRoute } from "@esri/arcgis-request-routing";
solveRoute({
stops: [
[-117.195677, 34.056383],
[-117.918976, 33.812092],
],
authentication: "YOUR_ACCESS_TOKEN"
})
.then(response)Both ArcGISIdentityManager and ApplicationCredentialsManager generate short lived credentials by default. Both of these classes have a canRefresh property that indicates if the credentials can be refreshed after they expire. Credentials can be refreshed by calling the refreshCredentials method.
Use dark colors for code blocks Copy
1
2
3
4
5
6
7
8
9
// assuming `manager` is an instance of `ArcGISIdentityManager`
// or `ApplicationCredentialsManager`.
if(manager.canRefresh) {
manager.refreshCredentials().then(()=> {
console.log("Credentials refreshed");
}).catch((error) => {
console.log("Error refreshing credentials");
})
}Tokens are also automatically refreshed in the following cases if the canRefresh property is true:
You can also use canRefresh and refreshCredentials() to periodically refresh the credentials while the user is using your application.
Use dark colors for code blocks Copy
1
2
3
4
5
6
7
8
9
10
// ideally this would run sometime after your application loads
if (manager.canRefresh) {
// refresh the credentials to ensure we have a fresh access token which will expire in 30 minutes
manager.refreshCredentials().then(()=>{
// once we have a fresh token set a timeout to refresh every 25 minutes.
setTimeout(()=>{
manager.refreshCredentials()
}, 25 * 60000)
})
}When using ArcGISIdentityManager and ApplicationCredentialsManager ArcGIS REST JS will throw additional errors related to managing the token and token lifecycle.
These errors provide more insight into the token lifecycle and are discussed more in the error handling topic.
TutorialsRetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4