User authentication is a set of authentication workflows that allow users with an ArcGIS account to sign into an application and access ArcGIS content, services, and resources. The typical authentication protocol used is OAuth 2.0. When a user signs into an application with their ArcGIS account, an access token is generated that authorizes the application to access services and content on their behalf. The resources and functionality available depend on the user type, roles, and privileges of the user's ArcGIS account. This authentication type was previously known as Named user login and ArcGIS identity.
User authentication provides access to secure ArcGIS services and content on behalf of a user. It offers several advantages over other types of authentication:
authorization_code flow.Services an app accesses with user authentication will be billed to the ArcGIS account of the signed-in user.
How user authentication works The generic user authentication workflow. To view concrete examples, go to User authentication flowsThe typical steps to implement user authentication are as follows:
Create a set of OAuth credentials in your portal and set a redirect URL.
Paste the client_id and redirect URL from your OAuth credentials into your application.
Use an ArcGIS Maps SDK or API to create an authentication manager class and prompt users to sign in.
Once authenticated, access the secure resources available to the signed-in user in your application.
To learn how to implement user authentication, go to How to implement user authentication.
OAuth credentialsOAuth credentials are an item used to support multiple types of authentication. They are required to implement user authentication. The most common pattern is to create a new OAuth credentials item for each application. OAuth credentials are used to obtain a client ID for your app and authorize its redirect URLs.
TopicTo learn more, go to OAuth credentials (for user authentication).
User authentication flowsThere are six different workflows that can be used to implement user authentication:
The flow you use will vary based on the type of application you build and client API you select.
TopicTo learn more, go to User authentication flows.
Examples ArcGIS APIsIf you are using one of the ArcGIS Maps SDKs, refer to that SDK's Access services with OAuth credentials tutorial to implement user authentication in your app:
After you complete the OAuth 2.0 authorization process, you receive a token credential to use when accessing any content or services to which the authorized user has access. In ArcGIS Maps SDKs, the AuthenticationManager and IdentityManager classes automatically use a token credential to securely access resources, requiring no additional actions from you.
It is possible to implement ArcGIS user authentication with non-ArcGIS APIs, however you remain responsible to obtain, manage, and secure user credentials as a part of your application. For this method, you must implement the appropriate authentication flow for your application. The following OAuth 2.0 flows are recommended:
TipIf you select this option, go to Security best practices for additional guidelines.
Product and account requirementsUser authentication is available with ArcGIS Location Platform, ArcGIS Online, and ArcGIS Enterprise. If you have ArcGIS Online or ArcGIS Enterprise, your account must have a user type of Creator or higher.
NoteThe steps in this chapter apply to the latest version of ArcGIS Enteprise (11.5). To view instruction for previous versions of Enterprise, go to Developer credentials for ArcGIS Enterprise.
Tutorials Create OAuth credentials for user authenticationCreate and configure OAuth credentials to set up user authentication.
Create an application that requires users to sign in with an ArcGIS account.
The following table provides an overview of the functionality available with each type of authentication:
API key authentication User authentication App authentication ArcGIS Location Services 1 1 1 Data services (Item access) Spatial analysis services 1 1 Portal service (General privileges) Portal service (Admin privileges) Full support Partial support No support API support Full support Partial support No supportRetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4