Introduction to app authentication

App authentication is a type of authentication that generates short-lived based on a set of . The access tokens are associated with your , and can be used to to authenticate requests to access secure and .

App authentication is typically implemented on a web server or in standalone console scripts. This is to avoid exposing the confidential client_id and client_secret values contained within OAuth credentials. App authentication is not recommended for client applications without a web server, or in that require users to sign in.

You can use app authentication to:

  • Create web servers and automation scripts that access the and .
  • Create that do not require users to sign in.
  • Build applications that access and items such as and .
  • Authenticate with an process that provides better security than .
  • Access secure resources with the privileges of your .

How app authentication works

Client credentials flow
The client credentials flow used in app authentication. To learn more, go to Client credentials flow

Apps that implement submit requests for access tokens using an client_id and client_secret. These values are generated from and should remain confidential at all times.

The high-level process of app authentication is as follows:

  1. Include a client_id and client_secret from in your server script.
  2. Create an endpoint for clients to request access tokens.
  3. When a client requests a token, submit a request to the of your .
  4. Deliver the resulting access token to the client.
  5. The client uses the access token to access .

OAuth credentials

OAuth credentials are an used to support authentication workflows. They are required to implement and using workflows.

Limitations

Service support

The following table provides an overview of the functionality available with each type of authentication:

API key authenticationUser authenticationApp authentication
ArcGIS Location Services
Data services (Item access)
Spatial analysis services11
Portal service (General privileges)11
Portal service (Admin privileges)11
Full supportPartial supportNo support
  • 1. Supported with ArcGIS Online and ArcGIS Location Platform.

Account types

App authentication is available for , , and .

To create OAuth credentials with an , your account must have a role with the Assign privileges to OAuth 2.0 applications . To learn more, go to the FAQ.

OAuth credentials

Item access privileges: OAuth credentials can be configured to access a maximum of 100 items.

Tutorials

Create OAuth credentials for app authentication

Create and configure OAuth credentials to set up app authentication.


API support

App authentication
ArcGIS Maps SDK for JavaScript
ArcGIS Maps SDK for .NET
ArcGIS Maps SDK for Kotlin
ArcGIS Maps SDK for Swift
ArcGIS Maps SDK for Flutter
ArcGIS Maps SDK for Java
ArcGIS Maps SDK for Qt
ArcGIS API for Python
ArcGIS REST JS
Esri Leaflet
MapLibre GL JS
OpenLayers
CesiumJS
Full supportPartial supportNo support

    Your browser is no longer supported. Please upgrade your browser for the best experience. See our browser deprecation post for more details.

    You can no longer sign into this site. Go to your ArcGIS portal or the ArcGIS Location Platform dashboard to perform management tasks.

    Your ArcGIS portal

    Create, manage, and access API keys and OAuth 2.0 developer credentials, hosted layers, and data services.

    Your ArcGIS Location Platform dashboard

    Manage billing, monitor service usage, and access additional resources.

    Learn more about these changes in the What's new in Esri Developers June 2024 blog post.

    Close