FAQ | Documentation | Esri Developer

General

This guide is for ArcGIS Location PlatformArcGIS Location Platform, formerly known as ArcGIS Platform, is a Platform as a Service (PaaS) product that gives developers access to location services, APIs, and tools to build mapping and spatial analysis applications. It is subscription-based and requires an ArcGIS Location Platform account.Learn more, ArcGIS OnlineArcGIS Online is a GIS mapping, analytics, data hosting, and content management software as a service (SaaS) product. It includes applications, tools, APIs, and location services for users and developers. It is subscription-based and requires an ArcGIS Online account.Learn more, and ArcGIS EnterpriseArcGIS Enterprise is a GIS mapping, analytics, data hosting, and content management product that can be hosted on-premise or in a cloud infrastructure. It includes software, applications, tools, APIs, and services for users and developers.Learn more developers implementing authentication in custom applications.

The table below shows the account types you can use and limitations:

	ArcGIS Location Platform account	ArcGIS Online account	ArcGIS Enterprise account
ArcGIS Location Services		¹
Data services (Item access)	²
Spatial analysis services
Portal	³
Portal service	³

Full supportPartial supportNo support

1. Places service not supported.
2. Only supports creating and accessing feature services, vector tile services, and map tile services.
3. Single-user organization. Limited user, group, and administration functionality available.

The following resources are secure and require authentication to access:

Portal: A portal is secure and requires users and applications to sign in. All content itemsAn item, also known as a content item, is a resource stored in a portal such as a web map, hosted layer, style, script tool, file, or notebook.Learn more in a portalArcGIS portal, also known as a portal, is a website with applications and tools that can be used to create, manage, access, and share geospatial content and data. It supports security and authentication, developer credentials, content and data service management, user and group management, and site administration. A portal can be hosted in Esri's infrastructure or your own infrastructure.Learn more are secure and may require authentication depending on their sharing levelSharing level is the security setting assigned to an item in a portal that controls which users can access the resource. The sharing levels are Owner, Organization, Groups, and Everyone.Learn more.
ArcGIS services: All ArcGIS services hosted in Esri's infrastructure are secure, including location servicesArcGIS Location Services, also referred to as Location Services, are services hosted by Esri that provide geospatial functionality for developing mapping applications. They include the ArcGIS Basemap Styles service, ArcGIS Static Basemap Tiles service, ArcGIS Places service, ArcGIS Geocoding service, ArcGIS Routing service, ArcGIS GeoEnrichment service, and ArcGIS Elevation service. An ArcGIS Location Platform or ArcGIS Online account is required to use the services.Learn more, spatial analysis servicesSpatial analysis services are services that perform geometry and statistical analyses on feature and raster data.Learn more, data servicesData services, also known as hosted data services, are services created dynamically to store and provide access to your data in ArcGIS. Examples are feature services, vector tile services, map tile services, image services, and scene services.Learn more, and the portal serviceA portal service provides the functionality to securely create, access, and manage content, data services, users, and groups in a portal. The service can be hosted by Esri or in ArcGIS Enterprise.Learn more.
ArcGIS Enterprise services: All ArcGIS Enterprise services hosted in your own infrastructure are secure.
Low/No-code applications: Applications built using low/no-code builders are hosted in a portalArcGIS portal, also known as a portal, is a website with applications and tools that can be used to create, manage, access, and share geospatial content and data. It supports security and authentication, developer credentials, content and data service management, user and group management, and site administration. A portal can be hosted in Esri's infrastructure or your own infrastructure.Learn more and secure and may require authentication depending on their sharing levelSharing level is the security setting assigned to an item in a portal that controls which users can access the resource. The sharing levels are Owner, Organization, Groups, and Everyone.Learn more.
ArcGIS tools: All ArcGIS toolsTools, also known as developer tools, are ArcGIS software applications such as portal and ArcGIS Pro that developers can use to prepare content and data for custom applications they are building.Learn more are secure, such as ArcGIS ProArcGIS Pro is a professional desktop GIS application that can explore, visualize, analyze, and manage 2D and 3D data.Learn more, Map ViewerMap Viewer is a browser-based mapping tool that can view, create, and save web maps. It can also perform mapping, visualization, and spatial analysis operations.Learn more, Scene ViewerScene Viewer(™) is a browser-based mapping tool that can view, create, and save web scenes.Learn more.
Subscriber and premium content: Subscriber content is a type of secure itemAn item, also known as a content item, is a resource stored in a portal such as a web map, hosted layer, style, script tool, file, or notebook.Learn more hosted in ArcGIS Living Atlas that requires an ArcGIS OnlineArcGIS Online is a GIS mapping, analytics, data hosting, and content management software as a service (SaaS) product. It includes applications, tools, APIs, and location services for users and developers. It is subscription-based and requires an ArcGIS Online account.Learn more account. Premium content is a subtype of subscriber content that consumes credits.

The following table provides an overview of the functionality available with each type of authentication:

	API key authentication	User authentication	App authentication
ArcGIS Location Services	¹	¹	¹
Data services (Item access)	²
Spatial analysis services	¹		¹
Portal service (General privileges)
Portal service (Admin privileges)

Full supportPartial supportNo support

1. Supported with ArcGIS Online and ArcGIS Location Platform.
2. Supported, but not recommended due to security risks.

The privileges required for an access tokenAn access token is an authorization string that provides access to secure ArcGIS content, data, and services. Its capabilities are determined by the privileges it supports. It is obtained by implementing API key authentication, User authentication, or App authentication.Learn more depend on the resources and functionality required by your application. To view the complete list, go to Privileges.

The cost to access ArcGIS services depends on the type of ArcGIS account you have and the services you use.

If you have an ArcGIS Location Platform accountAn ArcGIS Location Platform account, formerly known as an ArcGIS Developer account, is an identity associated with an ArcGIS Location Platform subscription.Learn more, you are billed in US dollars. To determine the cost of accessing services, go to Pricing. A free tier is available for some services.
If you have an ArcGIS Online accountAn ArcGIS Online account, also known as an ArcGIS Organization account, is an identity associated with an ArcGIS Online subscription. It can be used to access ArcGIS tools and develop applications with ArcGIS location services for an organization.Learn more, you are billed in creditsCredits are the currency used by ArcGIS Online Organization accounts to account for data storage and location service consumption. Credits are consumed for specific transactions, such as accessing location services, and types of storage, such as storing features, performing analytics, and using premium content.Learn more. To determine the cost of accessing services, go to Understanding credits.

Esri's Terms of Use documents include legal guidelines for the use of Esri products, services, and data.

Some of the key documents you will find are the:

Developer credentials

If you do not see an option for API key credentialsAPI key credentials are an item that contains the parameters used to create and manage long-lived access tokens for API key authentication. They are a type of developer credential.Learn more in the developer credentialsDeveloper credentials are a type of item in a portal that contains parameters for authentication. There are two types of developer credentials: API key credentials and OAuth credentials.Learn more creation menu, your account might not have the correct privilegesPrivileges are a set of permissions assigned to ArcGIS accounts, developer credentials, and applications that grant access to secure resources and functionality in ArcGIS.Learn more. If you have an ArcGIS Online account or an ArcGIS Enterprise accountAn ArcGIS Enterprise account is an identity for an instance of ArcGIS Enterprise. It can be used to access ArcGIS Enterprise tools, applications, and services, and to develop applications.Learn more, your account needs the following privileges to create and assign authorization to API key credentials:

General privileges > Content > Generate API keys
General privileges > Content > Assign privileges to OAuth 2.0 applications

To get these privileges, ask your organizationAn organization a list of members from the same business, association, or entity who can sign in, access tools and applications, and collaborate with other members in a portal. All members have an ArcGIS account and are approved by an administrator to access the same portal.Learn more administrator to create a custom role for developers and assign it to your account. To learn more, go to "Roles" in the ArcGIS Online documentation or the ArcGIS Enterprise documentation.

If you do not see the Privileges or Item access windows when creating developer credentialsDeveloper credentials are a type of item in a portal that contains parameters for authentication. There are two types of developer credentials: API key credentials and OAuth credentials.Learn more, your account might not have the correct privilegesPrivileges are a set of permissions assigned to ArcGIS accounts, developer credentials, and applications that grant access to secure resources and functionality in ArcGIS.Learn more. If you have an ArcGIS Online account or an ArcGIS Enterprise accountAn ArcGIS Enterprise account is an identity for an instance of ArcGIS Enterprise. It can be used to access ArcGIS Enterprise tools, applications, and services, and to develop applications.Learn more, your account needs the privilege to work with developer credentials:

General privileges > Content > Assign privileges to OAuth 2.0 applications

To get this privilege and related developer privileges, ask your organizationAn organization a list of members from the same business, association, or entity who can sign in, access tools and applications, and collaborate with other members in a portal. All members have an ArcGIS account and are approved by an administrator to access the same portal.Learn more administrator to create a custom role for developers and assign it to your account. To learn more, go to "Roles" in the ArcGIS Online documentation or the ArcGIS Enterprise documentation.

If a privilege is not available to your developer credentials, it may not be visible for the following reasons:

Your account does not have the correct user type or roles.
You have the wrong type of ArcGIS accountAn ArcGIS account is an identity with a user type and set of privileges that can access specific ArcGIS products, tools, APIs, services, and resources. The main account types that can be used for development are an ArcGIS Location Platform account, ArcGIS Online account, and ArcGIS Enterprise account. ArcGIS Location Platform and ArcGIS Online accounts are also associated with a subscription.Learn more. The privileges available to you differ depending on if you use ArcGIS Location PlatformArcGIS Location Platform, formerly known as ArcGIS Platform, is a Platform as a Service (PaaS) product that gives developers access to location services, APIs, and tools to build mapping and spatial analysis applications. It is subscription-based and requires an ArcGIS Location Platform account.Learn more, ArcGIS OnlineArcGIS Online is a GIS mapping, analytics, data hosting, and content management software as a service (SaaS) product. It includes applications, tools, APIs, and location services for users and developers. It is subscription-based and requires an ArcGIS Online account.Learn more, or ArcGIS EnterpriseArcGIS Enterprise is a GIS mapping, analytics, data hosting, and content management product that can be hosted on-premise or in a cloud infrastructure. It includes software, applications, tools, APIs, and services for users and developers.Learn more
You do not have pay-as-you-go enabled in your ArcGIS Location PlatformArcGIS Location Platform, formerly known as ArcGIS Platform, is a Platform as a Service (PaaS) product that gives developers access to location services, APIs, and tools to build mapping and spatial analysis applications. It is subscription-based and requires an ArcGIS Location Platform account.Learn more account.
You are using a type of authentication that does not support the privileges you require. To learn more, go to Types of authentication.

API key authentication

API key credentials are available for the following account types:

ArcGIS Location Platform accountsAn ArcGIS Location Platform account, formerly known as an ArcGIS Developer account, is an identity associated with an ArcGIS Location Platform subscription.Learn more
ArcGIS Online accountsAn ArcGIS Online account, also known as an ArcGIS Organization account, is an identity associated with an ArcGIS Online subscription. It can be used to access ArcGIS tools and develop applications with ArcGIS location services for an organization.Learn more:
- Requires a user type of "Creator" or higher.
- You need to be an administrator of your organizationAn organization a list of members from the same business, association, or entity who can sign in, access tools and applications, and collaborate with other members in a portal. All members have an ArcGIS account and are approved by an administrator to access the same portal.Learn more or have a custom role with the following privilegesPrivileges are a set of permissions assigned to ArcGIS accounts, developer credentials, and applications that grant access to secure resources and functionality in ArcGIS.Learn more: General privileges > Content > Generate API keys, General privileges > Content > Assign privileges to OAuth 2.0 applications.
ArcGIS Enterprise accountsAn ArcGIS Enterprise account is an identity for an instance of ArcGIS Enterprise. It can be used to access ArcGIS Enterprise tools, applications, and services, and to develop applications.Learn more:
- Requires ArcGIS Enterprise version 11.4 or greater.
- Requires a user type of "Creator" or higher.
- You need to be an administrator of your organizationAn organization a list of members from the same business, association, or entity who can sign in, access tools and applications, and collaborate with other members in a portal. All members have an ArcGIS account and are approved by an administrator to access the same portal.Learn more or have a custom role with the following privilegesPrivileges are a set of permissions assigned to ArcGIS accounts, developer credentials, and applications that grant access to secure resources and functionality in ArcGIS.Learn more: General privileges > Content > Generate API keys, General privileges > Content > Assign privileges to OAuth 2.0 applications.

Support for API key authenticationAPI key authentication is a type of authentication that uses an API key to authenticate requests to ArcGIS services and secure portal items.Learn more was added to ArcGIS Enterprise in version 11.4. It is not possible to access ArcGIS Enterprise servicesArcGIS Enterprise services are services an organization can host in ArcGIS Enterprise. This includes map services, feature services, tile services, geometry services, geoprocessing services, spatial analysis services, and many others.Learn more with an API key in versions prior to 11.4.

API keys (legacy)An API key (legacy) is a permanent access token created before June 2024 used for accessing ArcGIS location services. API keys (legacy) have been replaced with API key credentials and can no longer be created.Learn more are not supported in ArcGIS Enterprise.

Service usage with API key authenticationAPI key authentication is a type of authentication that uses an API key to authenticate requests to ArcGIS services and secure portal items.Learn more is billed to the ArcGIS subscriptionAn ArcGIS subscription is a free or paid plan that defines the capabilities of an ArcGIS account and the method of billing for the consumption of location services.Learn more associated with the developer's account. The developer who created the API key credentialsAPI key credentials are an item that contains the parameters used to create and manage long-lived access tokens for API key authentication. They are a type of developer credential.Learn more, or the organization the developer belongs to, will incur all costs associated with the key.

API key authentication is recommended for public applicationsA public application is an application that allows anonymous access without requiring users to sign in with an ArcGIS account. It supports API key or app authentication.Learn more and standalone automation scripts. API keys used in public applications should have a limited set of privilegesPrivileges are a set of permissions assigned to ArcGIS accounts, developer credentials, and applications that grant access to secure resources and functionality in ArcGIS.Learn more, and have their referrer URLs configured to prevent the key from being stolen.

To learn about the best practices for API key authenticationAPI key authentication is a type of authentication that uses an API key to authenticate requests to ArcGIS services and secure portal items.Learn more, go to Security best practices.

User authentication

User authentication requires OAuth credentialsOAuth credentials are an item that contains parameters required to implement user authentication or app authentication, including a client_id, client_secret, and redirect URIs. They are a type of developer credential.Learn more, which are available for the following account types:

ArcGIS Location Platform accountsAn ArcGIS Location Platform account, formerly known as an ArcGIS Developer account, is an identity associated with an ArcGIS Location Platform subscription.Learn more
ArcGIS Online accountsAn ArcGIS Online account, also known as an ArcGIS Organization account, is an identity associated with an ArcGIS Online subscription. It can be used to access ArcGIS tools and develop applications with ArcGIS location services for an organization.Learn more:
- Requires a user type of "Creator" or higher.
ArcGIS Enterprise accountsAn ArcGIS Enterprise account is an identity for an instance of ArcGIS Enterprise. It can be used to access ArcGIS Enterprise tools, applications, and services, and to develop applications.Learn more:
- Requires a user type of "Creator" or higher.

Service usage with user authenticationUser authentication is a type of authentication that allows users with an ArcGIS account to sign into an application and allow it to access ArcGIS content, services, and resources on their behalf. The typical authorization protocol used is OAuth2.0.Learn more is individually billed to the ArcGIS subscriptionsAn ArcGIS subscription is a free or paid plan that defines the capabilities of an ArcGIS account and the method of billing for the consumption of location services.Learn more of each user who signs in to your application. Service usage can still be tracked with the OAuth credentialsOAuth credentials are an item that contains parameters required to implement user authentication or app authentication, including a client_id, client_secret, and redirect URIs. They are a type of developer credential.Learn more used to create the application, but all costs will be billed to the organizationAn organization a list of members from the same business, association, or entity who can sign in, access tools and applications, and collaborate with other members in a portal. All members have an ArcGIS account and are approved by an administrator to access the same portal.Learn more of users who sign in to the application.

Anyone with an ArcGIS accountAn ArcGIS account is an identity with a user type and set of privileges that can access specific ArcGIS products, tools, APIs, services, and resources. The main account types that can be used for development are an ArcGIS Location Platform account, ArcGIS Online account, and ArcGIS Enterprise account. ArcGIS Location Platform and ArcGIS Online accounts are also associated with a subscription.Learn more can sign in to apps that implement user authenticationUser authentication is a type of authentication that allows users with an ArcGIS account to sign into an application and allow it to access ArcGIS content, services, and resources on their behalf. The typical authorization protocol used is OAuth2.0.Learn more. However, user authentication is typically used for the following account types:

ArcGIS Online usersAn ArcGIS Online account, also known as an ArcGIS Organization account, is an identity associated with an ArcGIS Online subscription. It can be used to access ArcGIS tools and develop applications with ArcGIS location services for an organization.Learn more that are a member of an ArcGIS Online organizationAn organization a list of members from the same business, association, or entity who can sign in, access tools and applications, and collaborate with other members in a portal. All members have an ArcGIS account and are approved by an administrator to access the same portal.Learn more.
ArcGIS Enterprise usersAn ArcGIS Enterprise account is an identity for an instance of ArcGIS Enterprise. It can be used to access ArcGIS Enterprise tools, applications, and services, and to develop applications.Learn more that are a member of an ArcGIS Enterprise organizationAn organization a list of members from the same business, association, or entity who can sign in, access tools and applications, and collaborate with other members in a portal. All members have an ArcGIS account and are approved by an administrator to access the same portal.Learn more.

User authentication is used to build sign-in-enabled applications that require users to authenticate with an ArcGIS accountAn ArcGIS account is an identity with a user type and set of privileges that can access specific ArcGIS products, tools, APIs, services, and resources. The main account types that can be used for development are an ArcGIS Location Platform account, ArcGIS Online account, and ArcGIS Enterprise account. ArcGIS Location Platform and ArcGIS Online accounts are also associated with a subscription.Learn more. It can be implemented in any environment, including client-facing applications, server-side applications, and full stack applications.

To learn about the best practices for user authenticationUser authentication is a type of authentication that allows users with an ArcGIS account to sign into an application and allow it to access ArcGIS content, services, and resources on their behalf. The typical authorization protocol used is OAuth2.0.Learn more, go to Security best practices.

App authentication

App authentication requires OAuth credentialsOAuth credentials are an item that contains parameters required to implement user authentication or app authentication, including a client_id, client_secret, and redirect URIs. They are a type of developer credential.Learn more, which are available for the following account types:

ArcGIS Location Platform accountsAn ArcGIS Location Platform account, formerly known as an ArcGIS Developer account, is an identity associated with an ArcGIS Location Platform subscription.Learn more
ArcGIS Online accountsAn ArcGIS Online account, also known as an ArcGIS Organization account, is an identity associated with an ArcGIS Online subscription. It can be used to access ArcGIS tools and develop applications with ArcGIS location services for an organization.Learn more:
- Requires a user type of "Creator" or higher.
- You need to be an administrator of your organizationAn organization a list of members from the same business, association, or entity who can sign in, access tools and applications, and collaborate with other members in a portal. All members have an ArcGIS account and are approved by an administrator to access the same portal.Learn more or a have custom role with the following privilegePrivileges are a set of permissions assigned to ArcGIS accounts, developer credentials, and applications that grant access to secure resources and functionality in ArcGIS.Learn more: General privileges > Content > Assign privileges to OAuth 2.0 applications.
ArcGIS Enterprise accountsAn ArcGIS Enterprise account is an identity for an instance of ArcGIS Enterprise. It can be used to access ArcGIS Enterprise tools, applications, and services, and to develop applications.Learn more:
- Requires ArcGIS Enterprise 11.4 or greater for full functionality.
- Requires a user type of "Creator" or higher.
- You need to be an administrator of your organizationAn organization a list of members from the same business, association, or entity who can sign in, access tools and applications, and collaborate with other members in a portal. All members have an ArcGIS account and are approved by an administrator to access the same portal.Learn more or a have custom role with the following privilegePrivileges are a set of permissions assigned to ArcGIS accounts, developer credentials, and applications that grant access to secure resources and functionality in ArcGIS.Learn more: General privileges > Content > Assign privileges to OAuth 2.0 applications.

Service usage with app authenticationApp authentication is a type of authentication that grants a short-lived access token based on an OAuth 2.0 client ID and client secret, authorizing an application to access ArcGIS services and items.Learn more is billed to the ArcGIS subscriptionAn ArcGIS subscription is a free or paid plan that defines the capabilities of an ArcGIS account and the method of billing for the consumption of location services.Learn more associated with the developer's account. The developer who created the OAuth credentialsOAuth credentials are an item that contains parameters required to implement user authentication or app authentication, including a client_id, client_secret, and redirect URIs. They are a type of developer credential.Learn more, or the organization the developer belongs to, will incur all costs associated with the application.

App authentication is recommended for public applicationsA public application is an application that allows anonymous access without requiring users to sign in with an ArcGIS account. It supports API key or app authentication.Learn more with a server-side component, or for standalone console scripts. App authentication is more secure than API key authenticationAPI key authentication is a type of authentication that uses an API key to authenticate requests to ArcGIS services and secure portal items.Learn more, as client credentials are stored securely and never exposed to the client.

To learn about the best practices for app authenticationApp authentication is a type of authentication that grants a short-lived access token based on an OAuth 2.0 client ID and client secret, authorizing an application to access ArcGIS services and items.Learn more, go to Security best practices.