Introduction to user authentication

User authentication is a set of authentication workflows that allow users with an ArcGIS account to sign into an application and access ArcGIS content, services, and resources. The typical authentication protocol used is OAuth 2.0. When a user signs into an application with their ArcGIS account, an access token is generated that authorizes the application to access services and content on their behalf. The resources and functionality available depend on the user type, roles, and privileges of the user's ArcGIS account. This authentication type was previously known as Named user login and ArcGIS identity.

User authentication provides access to secure ArcGIS services and content on behalf of a user. It offers several advantages over other types of authentication:

  • Supports the secure OAuth 2.0 authorization_code flow.
  • Grants access to all services available to a user, including portal services and spatial analysis services.
  • Bills usage to user's accounts, rather than the developer's account.

How user authentication works

Generic user authentication workflow
The generic user authentication workflow. To view concrete examples, go to User authentication flows

The typical steps to implement user authentication are as follows:

  1. Create a set of OAuth credentials in your portal and set a redirect URL.

  2. Paste the client_id and redirect URL from your OAuth credentials into your application.

  3. Use an ArcGIS Maps SDK or API to create an authentication manager class and prompt users to sign in.

  4. Once authenticated, access the secure resources available to the signed-in user in your application.

OAuth credentials

OAuth credentials are an item used to support authentication workflows. They are required to implement user authentication and app authentication using OAuth 2.0 workflows.

User authentication flows

There are six different workflows that can be used to implement user authentication:

The flow you use will vary based on the type of application you build and client API you select.



If you are using one of the ArcGIS Maps SDKs, refer to that SDK's Access services with OAuth credentials tutorial to implement user authentication in your app:

After you complete the OAuth 2.0 authorization process, you receive a token credential to use when accessing any content or services to which the authorized user has access. In ArcGIS Maps SDKs, the AuthenticationManager and IdentityManager classes automatically use a token credential to securely access resources, requiring no additional actions from you.


It is possible to implement ArcGIS user authentication with non-ArcGIS APIs, however you remain responsible to obtain, manage, and secure user credentials as a part of your application. For this method, you must implement the appropriate authentication flow for your application. The following OAuth 2.0 flows are recommended:


Create OAuth credentials for user authentication

Create and configure OAuth credentials to set up user authentication.

Sign in with user authentication

API support

User authentication
ArcGIS Maps SDK for JavaScript
ArcGIS Maps SDK for .NET
ArcGIS Maps SDK for Kotlin
ArcGIS Maps SDK for Swift
ArcGIS Maps SDK for Java
ArcGIS Maps SDK for Qt
ArcGIS API for Python
Esri Leaflet1
MapLibre GL JS1
Full supportPartial supportNo support
  • 1. Supported via ArcGIS REST JS

Your browser is no longer supported. Please upgrade your browser for the best experience. See our browser deprecation post for more details.