import OAuthInfo from "@arcgis/core/identity/OAuthInfo.js";const OAuthInfo = await $arcgis.import("@arcgis/core/identity/OAuthInfo.js");- Inheritance:
- OAuthInfo→
Accessor
- Since
- ArcGIS Maps SDK for JavaScript 4.0
This class contains information about an OAuth 2.0 configuration. Use it in combination with the IdentityManager widget to aid in working with OAuth 2.0 authentication.
One-step authentication has been superseded by the recommended two-step approach with Proof Key for Code Exchange (PKCE).
This update coincides with recommendations in the OAuth 2.1 specification. Although one-step authentication is still supported, the API will no longer default to this. If needing to retain this setting, it is necessary to set flowType to implicit.
Please refer to the 4.23 Release Notes for additional information regarding this update.
Constructors
Constructor
Parameters
| Parameter | Type | Description | Required |
|---|---|---|---|
| properties | | |
Example
const [OAuthInfo, esriId] = await $arcgis.import([ "@arcgis/core/identity/OAuthInfo.js", "@arcgis/core/identity/IdentityManager.js"]);// Create a new OAuthInfo object.// The OAuth sign-in page will be shown in a popup window and use the specified callback URL.const info = new OAuthInfo({ appId: "<put client id here>", popup: true, // If using a callback page other than the default one, // make sure it supports the authentication type used. popupCallbackUrl: "<url to callback page>"});
// Add this OAuthInfo object to the IdentityManager.esriId.registerOAuthInfos([info]);Properties
| Property | Type | Class |
|---|---|---|
| | ||
| | ||
declaredClass readonly inherited | ||
| | ||
"auto" | "authorization-code" | "implicit" | | |
| | ||
| | ||
| | ||
| | ||
| | ||
| | ||
| | ||
| | ||
| |
authNamespace
- Type
- string
Applications with the same value will share the stored token on the same host.
- Default value
- "/"
expiration
- Type
- number
The number of minutes that the token is valid.
- Default value
- 20160 // two weeks
flowType
- Type
- "auto" | "authorization-code" | "implicit"
- Since
- ArcGIS Maps SDK for JavaScript 4.23
Set this property to specify the type of authentication to use. One-step authentication has been superseded in favor of the recommended two-step approach (ie. grant_type=authorization-code).
This update coincides with recommendations in the OAuth 2.1 recommendation.
| Possible Value | Description |
|---|---|
| auto | Recommended. Automatically defaults to two-step authentication with PKCE if accessing resources from ArcGIS Online or ArcGIS Enterprise version 10.9 or higher. One-step authentication is used if accessing an earlier version of ArcGIS Enterprise. |
| authorization-code | Similar to auto, this also uses two-step authentication with PKCE, but this does not check the server version. Do not use this type if accessing resources on older server versions without PKCE support. |
| implicit | One-step authentication. This is no longer a recommended approach and has been superseded by two-step authentication. Use this type if working with older server versions (ie. prior to 10.9). Please refer to OAuth 2.0 Security Best Current Practices for additional information. |
When signing into an application via a popup, the referenced callback page should be compatible for whatever authentication type is used. The default oauth-callback.html has been updated to allow for these updates in the two-step approach, although it will still work if using the one-step flow.
- Default value
- "auto"
Examples
// The `flowType` defaults to `auto`.// If using a supported server/portal version, two-step authentication is used.// If not, reverts to one-step.const infoAuto = new OAuthInfo({ appId: "<put client id here>"});// One-step workflow - no longer recommended.// Should only be used if working with older versions of Server/Portal, (ie. < 10.9).const infoImplicit = new OAuthInfo({ appId: "<put client id here>", flowType: "implicit", popup: true, // Updated callback page works with both two-step and one-step authentication popupCallbackUrl: "oauth-callback.html"}); forceUserId
- Type
- boolean
- Since
- ArcGIS Maps SDK for JavaScript 4.18
Set this property to true to force the user to sign in with the id in userId.
If the userId is not set, it will update after the user signs in. If the token expires, the same user will be required to sign in again.
- See also
- Default value
- false
locale
The locale for the OAuth sign-in page. The default locale is based on your browser/OS and the organization locale. You can use this property to change this. The locale needs to follow the language dash country code syntax supported by ArcGIS.com.
- See also
- Default value
- // Based on your browser/OS and the organization locale.
minTimeUntilExpiration
- Type
- number
The minimum time in minutes before a saved token is due to expire that should still be considered valid for use.
- Default value
- 30
popup
- Type
- boolean
Set to true to show the OAuth sign-in page in a popup window. Make certain to have a valid callback page referenced in the popupCallbackUrl. A sample callback page, oauth-callback.html, is provided to help with this.
The referenced callback page should be compatible for whatever authentication type is used. The default oauth-callback.html has been updated to allow for these updates in the two-step approach, although it will still work if using the one-step flow.
- Default value
- false
popupCallbackUrl
- Type
- string
Applicable if working with the popup user-login workflow. This is a relative page URL that redirects the user back to the secured application after successful login.
The referenced callback page should be compatible for whatever authentication type is used. The default oauth-callback.html has been updated to allow for these updates in the two-step approach, although it will still work if using the one-step flow.
- See also
- Default value
- "oauth-callback.html"
popupWindowFeatures
- Type
- string
The window features passed to window.open().
- Default value
- "height=490,width=800,resizable,scrollbars,status"
portalUrl
- Type
- string
The URL to either an ArcGIS Online or an ArcGIS Enterprise portal.
For example, https://www.arcgis.com, or https://www.example.com/arcgis.
An organization URL can be specified if wanting to display the organization's settings; e.g https://yourorg.maps.arcgis.com.
See the ArcGIS portal documentation for more information.
- Default value
- "https://www.arcgis.com"
Methods
fromJSON
- Signature
-
fromJSON (json: any): any
Creates a new instance of this class and initializes it with values from a JSON object
generated from an ArcGIS product. The object passed into the input json
parameter often comes from a response to a query operation in the REST API or a
toJSON()
method from another ArcGIS product. See the Using fromJSON()
topic in the Guide for details and examples of when and how to use this function.
Parameters
| Parameter | Type | Description | Required |
|---|---|---|---|
| json | A JSON representation of the instance in the ArcGIS format. See the ArcGIS REST API documentation for examples of the structure of various input JSON objects. | |
- Returns
- any
Returns a new instance of this class.
clone
- Signature
-
clone (): OAuthInfo
- Since
- ArcGIS Maps SDK for JavaScript 4.4
Creates a copy of the OAuthInfo object.
- Returns
- OAuthInfo
Returns a copy of the OAuthInfo.
toJSON
- Signature
-
toJSON (): any
Converts an instance of this class to its ArcGIS portal JSON representation. See the Using fromJSON() guide topic for more information.
- Returns
- any
The ArcGIS portal JSON representation of an instance of this class.