An access token is an authorization string that provides access to secure ArcGIS content, data, and services. An access token is created by implementing a type of authentication. Access tokens are used to authenticate individual requests to ArcGIS services. Access tokens contain the scope and permissions available to access resources, and their capabilities vary based on the type of authentication used to obtain them. The format is either an API key
There are three types of authentication that can be used to obtain an access token:
- API key authentication: This creates a long-lived access token that grants your application access to ArcGIS services
A service, also known as an ArcGIS service, is software that supports an ArcGIS REST API and provides geospatial functionality or data. A service can be hosted by Esri or in ArcGIS Enterprise. and secure itemsAn item, also known as a content item, is a resource stored in a portal such as a web map, hosted layer, style, script tool, file, or notebook. in your portal. - User authentication (formerly ArcGIS identity): This generates a short-lived token via OAuth 2.0, authorizing your application to access secure resources
A secure resource is any item or service in an ArcGIS that requires an ArcGIS account and authentication to access. Examples include ArcGIS Location Services, and items and data services in an ArcGIS portal. on behalf of a signed in ArcGIS userAn ArcGIS user is a user who has an ArcGIS account and uses it to access an ArcGIS application, custom ArcGIS application, or a resource in an ArcGIS portal. . - App authentication: This generates a short-lived token via OAuth 2.0, authorizing your application to access ArcGIS services
A service, also known as an ArcGIS service, is software that supports an ArcGIS REST API and provides geospatial functionality or data. A service can be hosted by Esri or in ArcGIS Enterprise. and secure itemsAn item, also known as a content item, is a resource stored in a portal such as a web map, hosted layer, style, script tool, file, or notebook. in your portal.
An access token is also used to track the usage and cost associated with making requests to ArcGIS services with ArcGIS Location Platform
Related
Also known as
- authentication
- credentials
Related terms
- API key
An API key is a long-lived access token created using API key credentials. They are valid for up to one year and are typically embedded directly into client applications. - API key authentication
API key authentication is a type of authentication that uses an API key to authenticate requests to ArcGIS services and secure portal items. - user authentication
User authentication is a type of authentication that allows users with an ArcGIS account to sign into an application and allow it to access ArcGIS content, services, and resources on their behalf. The typical authorization protocol used is OAuth2.0. - app credential authentication
App authentication is a type of authentication that grants a short-lived access token based on an OAuth 2.0 client ID and client secret, authorizing an application to access ArcGIS services and items. - session token
A session token is a short-lived authorization string that provides access to an ArcGIS service that supports sessions. It is created when a session starts and valid for up to 12 hours. It only has privileges to access the service it was created from. - location service
ArcGIS Location Services, also referred to as Location Services, are services hosted by Esri that provide geospatial functionality for developing mapping applications. They include the ArcGIS Basemap Styles service, ArcGIS Static Basemap Tiles service, ArcGIS Places service, ArcGIS Geocoding service, ArcGIS Routing service, ArcGIS GeoEnrichment service, and ArcGIS Elevation service. An ArcGIS Location Platform or ArcGIS Online account is required to use the services.