Introduction to API key authentication

API key authentication is a type of authentication that uses long-lived embedded directly into an application to authenticate requests to access secure and . The access tokens are called and managed through . It is the easiest type of authentication to set up, and is the recommended type of authentication for that access .

You can use API key authentication to:

  • Create that do not require users to sign in.
  • Build applications that access and items such as and .
  • Create personal automation scripts that access the and .
  • Quickly and easily generate .
  • Embed an directly into apps that remains valid for up to 1 year.
  • Access secure resources with the privileges of your .

How API key authentication works

API key overview
The API key authentication workflow

API key authentication requires creating and configuring so you can get an . An API key is a long-lived . API key credentials are an created in your that are used to create API keys and manage their privileges.

The general steps to implement API key authentication are:

  1. Create to get an API key.

  2. Paste the access token into your application.

  3. Your application uses the API key as an to access .

Your API key must have the correct to access secure resources. It is also recommended that you set referrer URLs in order to enhance the security of the token. These properties are managed through setting page of .

API key credentials

are an in your used to create and manage . You can manage the settings of API key credentials on their to generate up to two API keys, define their and set their expiration dates. API key credentials can also be used to regenerate or invalidate existing API keys.

API key authentication requires API key credentials. The most common pattern is to create a new API key credentials for each application. API key credentials are used to configure the of an API key, which grant access to specific services, items, and operations in ArcGIS.

Hybrid authentication

In , the AuthenticationManager and IdentityManager classes automatically implement a hybrid approach when using both and .

Applications can use both API keys and user authentication, utilizing their API key to access services while the user is signed out and then switching to an from user authentication when the user signs in.

Limitations

Service support

The following table provides an overview of the functionality available with each type of authentication:

API key authenticationUser authenticationApp authentication
ArcGIS Location Services
Data services (Item access)
Spatial analysis services11
Portal service (General privileges)11
Portal service (Admin privileges)11
Full supportPartial supportNo support
  • 1. Supported with ArcGIS Online and ArcGIS Location Platform.

ArcGIS Online

Required privileges: To create API key credentials with an , your account must have administrator access or a custom role with developer . The following privileges are required:

  • General privileges > Content > Generate API keys
  • General privileges > Content > Assign privileges to OAuth 2.0 applications

To learn more, go to the FAQ.

ArcGIS Enterprise

Version support: API key authentication is only available for users when using ArcGIS Enterprise version 11.4 or greater. ArcGIS Enterprise does not support .

Service limitations: API key authentication cannot be used to access with ArcGIS Enterprise. However, API keys can still be used to access secure in your Enterprise portal, such as and .

Required privileges: To create API key credentials with an , your account must have administrator access or a custom role with developer . The following privileges are required:

  • General privileges > Content > Generate API keys
  • General privileges > Content > Assign privileges to OAuth 2.0 applications

To learn more, go to the FAQ.

API key credentials

Creating credentials: There is no limit to the number of API key credentials and API keys you can create.

Accessing items: An API key credential can be configured to access a maximum of 100 you own.

Viewing API keys: The value of an can only be viewed when the API key is first generated. After a key has been created, its full value is no longer accessible and is not stored in ArcGIS. If you lose the value of an API key, you have to invalidate it and generate a new key using the item page.

Changing properties: Editing any of the , item access privileges, or the expiration date of API key credentials will invalidate all associated API keys. New keys can be generated in the Settings section of the API key credentials item page.

API keys (legacy)

Prior to June 2024, API key authentication used . These API keys still function, but are deprecated and can no longer be created or modified. All new API keys must be created using .

API key comparison

The following table shows the differences between and :

API key (legacy)API key credentials
Max number of keys ()100 keysNo limit
Max number of keys (, cumulative across all organization members)100 keysNo limit
Privileges availableArcGIS Location Services, , (General), Portal service (Admin)
Item access privilegesSupported only for ArcGIS Location PlatformSupported for all account types
Max number of items with item access privileges100 items per key100 items per credential
API key expiration dateNot configurable (Does not expire)Configurable (Lasts up to one year)
API key rotationNot supportedSupported
ArcGIS Enterprise supportNot supportedSupported in Enterprise version >= 11.4

Tutorials

Create an API key

Create and configure API key credentials to get a long-lived API key access token.


Manage API key credentials

Manage previously created API key credentials to regenerate, edit privileges, and edit item access of API keys.


Migrate API keys (legacy) to API key credentials

Migrate from an API key (legacy) created before June 2024 to an API key from API key credentials.


Rotate API keys

Rotate API keys in a deployed application to refresh their expiration dates.


API support

API key authentication
ArcGIS Maps SDK for JavaScript
ArcGIS Maps SDK for .NET
ArcGIS Maps SDK for Kotlin
ArcGIS Maps SDK for Swift
ArcGIS Maps SDK for Flutter
ArcGIS Maps SDK for Java
ArcGIS Maps SDK for Qt
ArcGIS API for Python
ArcGIS REST JS
Esri Leaflet
MapLibre GL JS
OpenLayers
CesiumJS
Full supportPartial supportNo support

    Your browser is no longer supported. Please upgrade your browser for the best experience. See our browser deprecation post for more details.

    You can no longer sign into this site. Go to your ArcGIS portal or the ArcGIS Location Platform dashboard to perform management tasks.

    Your ArcGIS portal

    Create, manage, and access API keys and OAuth 2.0 developer credentials, hosted layers, and data services.

    Your ArcGIS Location Platform dashboard

    Manage billing, monitor service usage, and access additional resources.

    Learn more about these changes in the What's new in Esri Developers June 2024 blog post.

    Close