Hide Table of Contents
esri/dijit/util
esri/layer/pixelFilters
esri/process
esri/support
esri/workers
Class: OAuthInfo

require(["esri/arcgis/OAuthInfo"], function(OAuthInfo) { /* code goes here */ });

Description

(Added at v3.10)
This class contains information about an OAuth configuration.

See also

Samples

Search for samples that use this class.

Constructors

NameSummary
new OAuthInfo(params)Creates a new OAuthInfo given the specified parameters.

Properties

NameTypeSummary
appIdStringThe registered application Id.
authNamespaceStringApplications with the same value will share the stored token on the same host.
expirationNumberThe number of minutes the token that the token is valid.
flowTypeString Set this property to specify the type of authentication to use.
localeStringThe locale for the OAuth sign in page.
minTimeUntilExpirationNumberThe minimum time in minutes before a saved token is due to expire that it should still be considered valid for use.
popupBooleanSet to true to show the OAuth sign in page in a popup window.
popupCallbackUrlStringApplicable if working with the popup user-login workflow.
popupWindowFeaturesStringThe window features passed to window.open().
portalUrlStringThe ArcGIS for Portal URL.
preserveUrlHashBooleanSet this property to true when popup is false in order to have the window's location hash value restored after signing in.

Methods

NameReturn typeSummary
toJson()ObjectReturns an easily serializable object representation of the OAuthInfo.
Constructor Details

new OAuthInfo(params)

Creates a new OAuthInfo given the specified parameters.
Parameters:
<Object> params Required Various options to configure the OAuthInfo object. All the properties can be passed into the params object.
params properties:
<String> appId Required The registered application Id.
<String> authNamespace Optional Applications with the same value will share the stored token on the same host. The default value is "/" (forward slash).
<Number> expiration Optional The number of minutes the token will be valid for. The default is 20160 (two weeks).
<String> flowType Optional Set this property to specify the type of authentication to use. One-step authentication has been superseded in favor of the recommended two-step approach (ie. grant_type=authorization-code). This update coincides with recommendations in the OAuth 2.1 recommendation.
<String> locale Optional The locale for the OAuth sign in page. The default locale is based on your browser/OS and the locale for the organization that you are using. You can use the locale property to change this. The locale needs to follow the language dash country code syntax supported by ArcGIS.com. See localization for details.
<Number> minTimeUntilExpiration Optional The minimum time in minutes before a saved token is due to expire that it should still be considered valid for use. The default value is 30.
<Boolean> popup Optional Set to true to show the OAuth sign in page in a popup window. The default value is "false".
<String> popupCallbackUrl Optional The relative page URL for the user to be sent to from the OAuth sign in page. The default value is oauth-callback.html. You can download this here.
<String> popupWindowFeatures Optional The window features passed to window.open(). The default value is "height=490,width=800,resizable,scrollbars,status.
<String> portalUrl Optional The ArcGIS for Portal URL. The default value is "https://www.arcgis.com."
Sample:
require([
 "esri/arcgis/OAuthInfo", ... 
  ], function(OAuthInfo, ... ) {
     var oAuthInfo = new OAuthInfo({ 
        appId: "", //required parameter
         ... //specify optional parameters if needed 
});
Property Details

<String> appId

The registered application Id.

<String> authNamespace

Applications with the same value will share the stored token on the same host.
Default value: / (forward slash)

<Number> expiration

The number of minutes the token that the token is valid.
Default value: 20160 (two weeks).

<String> flowType

Set this property to specify the type of authentication to use. One-step authentication has been superseded in favor of the recommended two-step approach (ie. grant_type=authorization-code). This update coincides with recommendations in the OAuth 2.1 recommendation.

Possible Value Description
auto Automatically defaults to two-step authentication with PKCE if accessing resources from ArcGIS Online or ArcGIS Enterprise 10.9 or higher. One-step authentication is used if accessing an earlier version of ArcGIS Enterprise.
authorization-code Similar to auto, this also uses two-step authentication with PKCE, but this does not check the server version. Do not use this type if accessing resources on older server versions without PKCE support.
implicit One-step authentication. This is no longer a recommended approach and has been superseded by two-step authentication. Use this type if working with older server versions (ie. prior to 10.9). Please refer to OAuth 2.0 Security Best Current Practices for additional information.

When signing into an application via a popup, the referenced callback page should be compatible for whatever authentication type is used. The default oauth-callback.html has been updated to allow for these updates in the two-step approach, although it will stickll work is using the one-step flow.

(Added at v3.40)
Known values: auto | authorization-code | implicit
Default value: auto

<String> locale

The locale for the OAuth sign in page. The default locale is based on your browser/OS and the locale for the organization that you are using. You can use the locale property to change this. The locale needs to follow the language dash country code syntax supported by ArcGIS.com. See localization for details.
Default value: Based on your browser/OS and the locale for the organization that you are using.

<Number> minTimeUntilExpiration

The minimum time in minutes before a saved token is due to expire that it should still be considered valid for use.
Default value: 30 minutes

<Boolean> popup

Set to true to show the OAuth sign in page in a popup window.
Known values: true | false
Default value: false

<String> popupCallbackUrl

Applicable if working with the popup user-login workflow. This is a relative page URL that redirects the user back to the secured application after successful login. You can download the default page here.
Default value: oauth-callback.html

<String> popupWindowFeatures

The window features passed to window.open().
Default value: height=490,width=800,resizable,scrollbars,status

<String> portalUrl

The ArcGIS for Portal URL.
Default value: https://www.arcgis.com

<Boolean> preserveUrlHash

Set this property to true when popup is false in order to have the window's location hash value restored after signing in. (Added at v3.31)
Default value: false
Method Details

toJson()

Returns an easily serializable object representation of the OAuthInfo.
Return type: Object
Show Modal