User authentication

User authentication is a set of authentication workflows that allow users with an ArcGIS account to sign into an application and access ArcGIS content, services, and resources. The typical authentication protocol used is OAuth2.0. When a user signs into an application with their ArcGIS account, an access token is generated that authorizes the application to access services and content on their behalf. The resources and functionality available depend on the user type, roles, and privileges of the user's ArcGIS account. This authentication type was previously known as Named user login and ArcGIS identity.

If your application will access your users' secure content in ArcGIS or if you plan to distribute your application through ArcGIS Marketplace, you must use user authentication.

How user authentication works

User authentication serverless web app workflow
Serverless web app workflow with OAuth2.0 implicit grant.
  1. Register your application in the developer dashboard to receive client credentials.

  2. Implement an OAuth 2.0 authentication workflow.

  3. User authorizes your application.

  4. ArcGIS exchanges the authorization code from user authorization for a temporary access token.

  5. Use the access token to authenticate with ArcGIS according to your specific client API.

    User authentication authorizes the app to perform specific tasks affiliated with the user's account, such as:

    • Access private content owned by the user or by the user's organization
    • Access premium ArcGIS content, such as search, routing, and demographics
    • Create, update, and delete the user's content
    • Share content with other users within their organization
    • Access any content that has been shared with the user

The authenticated user can access premium content and services through your application that are metered to their ArcGIS subscription; during the authenticated period, your app can access the user's content on their behalf.

User authentication workflows

There are six different workflows that can be used to implement user authentication:

The following workflows adhere to the OAuth2.0 specification:

WorkflowEquivalent OAuth2.0 flow
Serverless web appAuthorization code flow with PKCE
Serverless mobile/native appAuthorization code flow
Server-based appAuthorization code flow
Manual token generationResource owner password flow (Insecure)

Most ArcGIS accounts can sign in to with all user authentication workflows. Some workflows only support ArcGIS Enterprise login.

ArcGIS Developer loginArcGIS Online loginArcGIS Enterprise login
Serverless web flow
Serverless native/mobile flow
Server-based flow
Manual token generation flow
Integrated Windows Authentication (IWA)
Public key infrastructure (PKI)
Full supportPartial supportNo support

    Implement user authentication

    Authentication with ArcGIS APIs

    If you are using one of the ArcGIS Mobile or Native SDKs, refer to that SDK's Getting Started page to implement user authentication in your app:

    After you complete the OAuth 2.0 authorization process, you receive a token credential to use when accessing any content or services to which the authorized user has access.

    • If you use an ArcGIS client API, the AuthenticationManager or IdentityManager classes automatically use a token credential to securely access resources, requiring no additional actions from you.

    • If you manually implement OAuth 2.0 authorization, you must either register the token credential with the ArcGIS API AuthenticationManager or IdentityManager class, or pass the token to the appropriate method or class as a parameter.

    Authentication with non-ArcGIS APIs

    It is possible to implement ArcGIS user authentication with non-ArcGIS APIs, however you remain responsible to obtain, manage, and secure user credentials as a part of your application. For this method, you must implement the appropriate authentication workflow for your application.

    Billing information

    User authentication allows individual users with an ArcGIS Online or ArcGIS Enterprise account to authorize your app to use the content and services to which they have access; it also uses their credits for any paid premium content and services.


    Your browser is no longer supported. Please upgrade your browser for the best experience. See our browser deprecation post for more details.