Authenticate with an ArcGIS identity
Learn how to use ArcGIS API for Javascript to create an ArcGIS identity, also known as named user login.
If your application needs access to your users' secure content through the ArcGIS Platform or if you are distributing your app through ArcGIS Marketplace, you must implement authentication with an ArcGIS identity. This allows individual users with an ArcGIS Online or ArcGIS Enterprise account to authorize your app to use the content and services to which they have access; it also uses their credits for any paid premium content and services.
Prerequisites
You need an ArcGIS account to register a new application and obtain its client_id. See the register your application tutorial. If you do not have an ArcGIS account you can sign up for a free ArcGIS Developer account.
When registering your application you will need to configure a redirect URL that will point to the URL where you are hosting your application. Generally this will be a local web server such as http://localhost:8000.
Steps
Scaffold the HTML
In the HTML, add
<button>and<pre>elements to allow the user to sign in, sign out, and to display user credentials.Add line. Add line. Add line. 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84<!DOCTYPE html> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <meta name="viewport" content="initial-scale=1, maximum-scale=1,user-scalable=no" /> <title>ArcGIS API for JavaScript Tutorials: Authenticate with an ArcGIS identity</title> </style> <link rel="stylesheet" href="%JS_API_CDN%esri/themes/light/main.css"> <script src="%JS_API_CDN%"></script> <style> html, body { font-size: 150%; margin: 10vh 10vw; } </style> <script> require([ "esri/portal/Portal", "esri/identity/OAuthInfo", "esri/identity/IdentityManager" ], function (Portal, OAuthInfo, esriId) { const info = new OAuthInfo({ appId: "YOUR-CLIENT-ID", popup: false // the default }); esriId.registerOAuthInfos([info]); esriId .checkSignInStatus(info.portalUrl + "/sharing") .then(() => { handleSignedIn(); }) .catch(() => { handleSignedOut(); }); document.getElementById("sign-in").addEventListener("click", function () { esriId.getCredential(info.portalUrl + "/sharing"); }); document.getElementById("sign-out").addEventListener("click", function () { esriId.destroyCredentials(); window.location.reload(); }); function handleSignedIn() { const portal = new Portal(); portal.load().then(() => { const results = { name: portal.user.fullName, username: portal.user.username }; document.getElementById("results").innerText = JSON.stringify(results, null, 2); }); } function handleSignedOut() { document.getElementById("results").innerText = 'Signed Out' } }); </script> </head> <body> <button id="sign-in" class="btn btn-primary">Sign In</button> <button id="sign-out" class="btn btn-primary">Sign Out</button> <pre><code id="results"></code></pre> </body> </html>
Add modules
In the
requirestatement, add thePortal,OAuthInfo, andIdenitityManagermodules.The ArcGIS API for JavaScript uses AMD modules. The
requirefunction is used to load modules so they can be used in the mainfunction. It's important to keep the module references and function parameters in the same order.Add line. Add line. Add line. Add line. 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84<!DOCTYPE html> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <meta name="viewport" content="initial-scale=1, maximum-scale=1,user-scalable=no" /> <title>ArcGIS API for JavaScript Tutorials: Authenticate with an ArcGIS identity</title> </style> <link rel="stylesheet" href="%JS_API_CDN%esri/themes/light/main.css"> <script src="%JS_API_CDN%"></script> <style> html, body { font-size: 150%; margin: 10vh 10vw; } </style> <script> require([ "esri/portal/Portal", "esri/identity/OAuthInfo", "esri/identity/IdentityManager" ], function (Portal, OAuthInfo, esriId) { const info = new OAuthInfo({ appId: "YOUR-CLIENT-ID", popup: false // the default }); esriId.registerOAuthInfos([info]); esriId .checkSignInStatus(info.portalUrl + "/sharing") .then(() => { handleSignedIn(); }) .catch(() => { handleSignedOut(); }); document.getElementById("sign-in").addEventListener("click", function () { esriId.getCredential(info.portalUrl + "/sharing"); }); document.getElementById("sign-out").addEventListener("click", function () { esriId.destroyCredentials(); window.location.reload(); }); function handleSignedIn() { const portal = new Portal(); portal.load().then(() => { const results = { name: portal.user.fullName, username: portal.user.username }; document.getElementById("results").innerText = JSON.stringify(results, null, 2); }); } function handleSignedOut() { document.getElementById("results").innerText = 'Signed Out' } }); </script> </head> <body> <button id="sign-in" class="btn btn-primary">Sign In</button> <button id="sign-out" class="btn btn-primary">Sign Out</button> <pre><code id="results"></code></pre> </body> </html>
Register credentials with Identity Manager
From the ArcGIS Developer dashboard, OAuth 2.0 tab, copy your application's
client_id.Create an
OAuthInfoobject and set theappIdwith the copiedclient_idbefore you register it withIdentityManager.Add line. Add line. Add line. Add line. Add line. 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84<!DOCTYPE html> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <meta name="viewport" content="initial-scale=1, maximum-scale=1,user-scalable=no" /> <title>ArcGIS API for JavaScript Tutorials: Authenticate with an ArcGIS identity</title> </style> <link rel="stylesheet" href="%JS_API_CDN%esri/themes/light/main.css"> <script src="%JS_API_CDN%"></script> <style> html, body { font-size: 150%; margin: 10vh 10vw; } </style> <script> require([ "esri/portal/Portal", "esri/identity/OAuthInfo", "esri/identity/IdentityManager" ], function (Portal, OAuthInfo, esriId) { const info = new OAuthInfo({ appId: "YOUR-CLIENT-ID", popup: false // the default }); esriId.registerOAuthInfos([info]); esriId .checkSignInStatus(info.portalUrl + "/sharing") .then(() => { handleSignedIn(); }) .catch(() => { handleSignedOut(); }); document.getElementById("sign-in").addEventListener("click", function () { esriId.getCredential(info.portalUrl + "/sharing"); }); document.getElementById("sign-out").addEventListener("click", function () { esriId.destroyCredentials(); window.location.reload(); }); function handleSignedIn() { const portal = new Portal(); portal.load().then(() => { const results = { name: portal.user.fullName, username: portal.user.username }; document.getElementById("results").innerText = JSON.stringify(results, null, 2); }); } function handleSignedOut() { document.getElementById("results").innerText = 'Signed Out' } }); </script> </head> <body> <button id="sign-in" class="btn btn-primary">Sign In</button> <button id="sign-out" class="btn btn-primary">Sign Out</button> <pre><code id="results"></code></pre> </body> </html>
Handle sign in
Once you have registered your client_id with IdentityManager the ArcGIS API for JavaScript will automatically prompt a user to authorize your application whenever it accesses a service that requires authentication. Create a sign in experience by accessing the users profiles with the Portal class.
Create a
handleSignedInfunction to be called when the user authorizes your application and then load thePortal. After the user provides authorization, obtain and display thefullNameandusernameon the page.Add line. Add line. Add line. Add line. Add line. Add line. Add line. Add line. Add line. 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84<!DOCTYPE html> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <meta name="viewport" content="initial-scale=1, maximum-scale=1,user-scalable=no" /> <title>ArcGIS API for JavaScript Tutorials: Authenticate with an ArcGIS identity</title> </style> <link rel="stylesheet" href="%JS_API_CDN%esri/themes/light/main.css"> <script src="%JS_API_CDN%"></script> <style> html, body { font-size: 150%; margin: 10vh 10vw; } </style> <script> require([ "esri/portal/Portal", "esri/identity/OAuthInfo", "esri/identity/IdentityManager" ], function (Portal, OAuthInfo, esriId) { const info = new OAuthInfo({ appId: "YOUR-CLIENT-ID", popup: false // the default }); esriId.registerOAuthInfos([info]); esriId .checkSignInStatus(info.portalUrl + "/sharing") .then(() => { handleSignedIn(); }) .catch(() => { handleSignedOut(); }); document.getElementById("sign-in").addEventListener("click", function () { esriId.getCredential(info.portalUrl + "/sharing"); }); document.getElementById("sign-out").addEventListener("click", function () { esriId.destroyCredentials(); window.location.reload(); }); function handleSignedIn() { const portal = new Portal(); portal.load().then(() => { const results = { name: portal.user.fullName, username: portal.user.username }; document.getElementById("results").innerText = JSON.stringify(results, null, 2); }); } function handleSignedOut() { document.getElementById("results").innerText = 'Signed Out' } }); </script> </head> <body> <button id="sign-in" class="btn btn-primary">Sign In</button> <button id="sign-out" class="btn btn-primary">Sign Out</button> <pre><code id="results"></code></pre> </body> </html>Call the
checkSignInStatusmethod against a service URL. If the user has provided credentials, call thehandleSignedInfunction.checkSignInStatuscan accept a URL for any service. The default ArcGIS portal URLhttps://arcgis.com/sharing/rest/is the easiest way to fully authenticate a user.Add line. Add line. Add line. Add line. Add line. Add line. 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84<!DOCTYPE html> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <meta name="viewport" content="initial-scale=1, maximum-scale=1,user-scalable=no" /> <title>ArcGIS API for JavaScript Tutorials: Authenticate with an ArcGIS identity</title> </style> <link rel="stylesheet" href="%JS_API_CDN%esri/themes/light/main.css"> <script src="%JS_API_CDN%"></script> <style> html, body { font-size: 150%; margin: 10vh 10vw; } </style> <script> require([ "esri/portal/Portal", "esri/identity/OAuthInfo", "esri/identity/IdentityManager" ], function (Portal, OAuthInfo, esriId) { const info = new OAuthInfo({ appId: "YOUR-CLIENT-ID", popup: false // the default }); esriId.registerOAuthInfos([info]); esriId .checkSignInStatus(info.portalUrl + "/sharing") .then(() => { handleSignedIn(); }) .catch(() => { handleSignedOut(); }); document.getElementById("sign-in").addEventListener("click", function () { esriId.getCredential(info.portalUrl + "/sharing"); }); document.getElementById("sign-out").addEventListener("click", function () { esriId.destroyCredentials(); window.location.reload(); }); function handleSignedIn() { const portal = new Portal(); portal.load().then(() => { const results = { name: portal.user.fullName, username: portal.user.username }; document.getElementById("results").innerText = JSON.stringify(results, null, 2); }); } function handleSignedOut() { document.getElementById("results").innerText = 'Signed Out' } }); </script> </head> <body> <button id="sign-in" class="btn btn-primary">Sign In</button> <button id="sign-out" class="btn btn-primary">Sign Out</button> <pre><code id="results"></code></pre> </body> </html>
Handle sign out
Create a
handleSignedOutfunction when a user's credentials are destroyed.Add line. Add line. Add line. 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84<!DOCTYPE html> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <meta name="viewport" content="initial-scale=1, maximum-scale=1,user-scalable=no" /> <title>ArcGIS API for JavaScript Tutorials: Authenticate with an ArcGIS identity</title> </style> <link rel="stylesheet" href="%JS_API_CDN%esri/themes/light/main.css"> <script src="%JS_API_CDN%"></script> <style> html, body { font-size: 150%; margin: 10vh 10vw; } </style> <script> require([ "esri/portal/Portal", "esri/identity/OAuthInfo", "esri/identity/IdentityManager" ], function (Portal, OAuthInfo, esriId) { const info = new OAuthInfo({ appId: "YOUR-CLIENT-ID", popup: false // the default }); esriId.registerOAuthInfos([info]); esriId .checkSignInStatus(info.portalUrl + "/sharing") .then(() => { handleSignedIn(); }) .catch(() => { handleSignedOut(); }); document.getElementById("sign-in").addEventListener("click", function () { esriId.getCredential(info.portalUrl + "/sharing"); }); document.getElementById("sign-out").addEventListener("click", function () { esriId.destroyCredentials(); window.location.reload(); }); function handleSignedIn() { const portal = new Portal(); portal.load().then(() => { const results = { name: portal.user.fullName, username: portal.user.username }; document.getElementById("results").innerText = JSON.stringify(results, null, 2); }); } function handleSignedOut() { document.getElementById("results").innerText = 'Signed Out' } }); </script> </head> <body> <button id="sign-in" class="btn btn-primary">Sign In</button> <button id="sign-out" class="btn btn-primary">Sign Out</button> <pre><code id="results"></code></pre> </body> </html>Append a
catchstatement to call thehandleSignedOutfunction when the user signs out.Add line. Add line. 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84<!DOCTYPE html> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <meta name="viewport" content="initial-scale=1, maximum-scale=1,user-scalable=no" /> <title>ArcGIS API for JavaScript Tutorials: Authenticate with an ArcGIS identity</title> </style> <link rel="stylesheet" href="%JS_API_CDN%esri/themes/light/main.css"> <script src="%JS_API_CDN%"></script> <style> html, body { font-size: 150%; margin: 10vh 10vw; } </style> <script> require([ "esri/portal/Portal", "esri/identity/OAuthInfo", "esri/identity/IdentityManager" ], function (Portal, OAuthInfo, esriId) { const info = new OAuthInfo({ appId: "YOUR-CLIENT-ID", popup: false // the default }); esriId.registerOAuthInfos([info]); esriId .checkSignInStatus(info.portalUrl + "/sharing") .then(() => { handleSignedIn(); }) .catch(() => { handleSignedOut(); }); document.getElementById("sign-in").addEventListener("click", function () { esriId.getCredential(info.portalUrl + "/sharing"); }); document.getElementById("sign-out").addEventListener("click", function () { esriId.destroyCredentials(); window.location.reload(); }); function handleSignedIn() { const portal = new Portal(); portal.load().then(() => { const results = { name: portal.user.fullName, username: portal.user.username }; document.getElementById("results").innerText = JSON.stringify(results, null, 2); }); } function handleSignedOut() { document.getElementById("results").innerText = 'Signed Out' } }); </script> </head> <body> <button id="sign-in" class="btn btn-primary">Sign In</button> <button id="sign-out" class="btn btn-primary">Sign Out</button> <pre><code id="results"></code></pre> </body> </html>
Add event listeners
Call the
getCredentialmethod when a user clicks thesign-inbutton.Add line. Add line. Add line. Add line. 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84<!DOCTYPE html> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <meta name="viewport" content="initial-scale=1, maximum-scale=1,user-scalable=no" /> <title>ArcGIS API for JavaScript Tutorials: Authenticate with an ArcGIS identity</title> </style> <link rel="stylesheet" href="%JS_API_CDN%esri/themes/light/main.css"> <script src="%JS_API_CDN%"></script> <style> html, body { font-size: 150%; margin: 10vh 10vw; } </style> <script> require([ "esri/portal/Portal", "esri/identity/OAuthInfo", "esri/identity/IdentityManager" ], function (Portal, OAuthInfo, esriId) { const info = new OAuthInfo({ appId: "YOUR-CLIENT-ID", popup: false // the default }); esriId.registerOAuthInfos([info]); esriId .checkSignInStatus(info.portalUrl + "/sharing") .then(() => { handleSignedIn(); }) .catch(() => { handleSignedOut(); }); document.getElementById("sign-in").addEventListener("click", function () { esriId.getCredential(info.portalUrl + "/sharing"); }); document.getElementById("sign-out").addEventListener("click", function () { esriId.destroyCredentials(); window.location.reload(); }); function handleSignedIn() { const portal = new Portal(); portal.load().then(() => { const results = { name: portal.user.fullName, username: portal.user.username }; document.getElementById("results").innerText = JSON.stringify(results, null, 2); }); } function handleSignedOut() { document.getElementById("results").innerText = 'Signed Out' } }); </script> </head> <body> <button id="sign-in" class="btn btn-primary">Sign In</button> <button id="sign-out" class="btn btn-primary">Sign Out</button> <pre><code id="results"></code></pre> </body> </html>Call the
destroyCredentialsmethod when a user clicks thesign-outbutton before reloading the page.Add line. Add line. Add line. Add line. 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84<!DOCTYPE html> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <meta name="viewport" content="initial-scale=1, maximum-scale=1,user-scalable=no" /> <title>ArcGIS API for JavaScript Tutorials: Authenticate with an ArcGIS identity</title> </style> <link rel="stylesheet" href="%JS_API_CDN%esri/themes/light/main.css"> <script src="%JS_API_CDN%"></script> <style> html, body { font-size: 150%; margin: 10vh 10vw; } </style> <script> require([ "esri/portal/Portal", "esri/identity/OAuthInfo", "esri/identity/IdentityManager" ], function (Portal, OAuthInfo, esriId) { const info = new OAuthInfo({ appId: "YOUR-CLIENT-ID", popup: false // the default }); esriId.registerOAuthInfos([info]); esriId .checkSignInStatus(info.portalUrl + "/sharing") .then(() => { handleSignedIn(); }) .catch(() => { handleSignedOut(); }); document.getElementById("sign-in").addEventListener("click", function () { esriId.getCredential(info.portalUrl + "/sharing"); }); document.getElementById("sign-out").addEventListener("click", function () { esriId.destroyCredentials(); window.location.reload(); }); function handleSignedIn() { const portal = new Portal(); portal.load().then(() => { const results = { name: portal.user.fullName, username: portal.user.username }; document.getElementById("results").innerText = JSON.stringify(results, null, 2); }); } function handleSignedOut() { document.getElementById("results").innerText = 'Signed Out' } }); </script> </head> <body> <button id="sign-in" class="btn btn-primary">Sign In</button> <button id="sign-out" class="btn btn-primary">Sign Out</button> <pre><code id="results"></code></pre> </body> </html>
Run the App
You should now have an application that can check for credentials using OAuth 2.0.