Introduction to security and authentication

Authentication is the process of verifying an identity. ArcGIS supports secure access to ArcGIS services, content, and resources for verified identities through several authentication workflows. It ensures that only valid, authorized users and and applications can access protected information. To build applications that access secure resources, you need to choose a type of authentication and implement an authentication workflow. This section covers how to use API keys, user authentication, and app credentials authentication to make authenticated requests to services and secure resources.


How to access ArcGIS resources

Learn how to access secure resources with an ArcGIS account and an access token.

Types of authentication

Compare the different types of authentication that grant an access token.

API key authentication

Create a permenant API key to access location services and secured content.

User authentication

Create user authentication workflows to access ArcGIS resources on behalf of your users.

App credentials authentication

Implement app credential authentication to securely access ArcGIS location services.

Access tokens

Learn what access tokens are and how to use them.

OAuth 2.0

Learn how ArcGIS uses the industry standard OAuth2.0 authorization protocol.

HTTP authorization headers

Learn about HTTP authorization headers.

Security best practices

Learn the best practices for authorizing your apps.



API support

API keysApp credentials authenticationUser authentication
ArcGIS Maps SDK for JavaScript1
ArcGIS Maps SDK for .NET
ArcGIS Maps SDK for Kotlin
ArcGIS Maps SDK for Swift
ArcGIS Maps SDK for Java
ArcGIS Maps SDK for Qt
ArcGIS API for Python
Esri Leaflet12
MapLibre GL JS12
Full supportPartial supportNo support
  • 1. Requires use of a server component to access and manage token and/or user session.
  • 2. Supports using a token obtained from OAuth 2.0 but lacks federated server validation for basemaps.


Your browser is no longer supported. Please upgrade your browser for the best experience. See our browser deprecation post for more details.