Implement user authentication

Learn how to use ArcGIS Maps SDK for Javascript to implement user authentication.

If your application needs access to your users' secure content through ArcGIS or if you are distributing your app through ArcGIS Marketplace, you must implement user authentication. This allows individual users with an ArcGIS Online or ArcGIS Enterprise account to authorize your app to use the content and services to which they have access; it also uses their credits for any paid premium content and services.

Prerequisites

You need an ArcGIS account to register a new application and obtain its client_id. See the register your application tutorial. If you do not have an ArcGIS account you can sign up for a free ArcGIS Location Platform account.

When registering your application you will need to configure a redirect URL that will point to the URL where you are hosting your application. Generally this will be a local web server such as http://localhost:8000.

Steps

Create a new pen

Go to CodePen to create a new pen for your mapping application.

Add the HTML

In CodePen > HTML, add HTML and CSS to create a page with <button> and <pre> elements to allow the user to sign in, sign out, and to display user credentials.

Expand
Use dark colors for code blocks
<html>

    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <meta name="viewport" content="initial-scale=1, maximum-scale=1,user-scalable=no" />
    <title>ArcGIS Maps SDK for JavaScript Tutorials: Implement user authentication</title>


    <style>
      html,
      body {
        font-size: 150%;
        margin: 10vh 10vw;
      }
    </style>

  </head>

  <body>

    <button id="sign-in" class="btn btn-primary">Sign In</button>
    <button id="sign-out" class="btn btn-primary">Sign Out</button>
    <pre><code id="results"></code></pre>

  </body>
</html>

Reference the API

In the <head> tag, add references to the CSS file and JS library.

Expand
Use dark colors for code blocks
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <meta name="viewport" content="initial-scale=1, maximum-scale=1,user-scalable=no" />
    <title>ArcGIS Maps SDK for JavaScript Tutorials: Implement user authentication</title>


    <link rel="stylesheet" href="https://js.arcgis.com/4.34/esri/themes/light/main.css" />
    <script src="https://js.arcgis.com/4.34/"></script>

    <style>
      html,
      body {
        font-size: 150%;
        margin: 10vh 10vw;
      }
    </style>

  </head>
Expand

Add modules

In a new <script> at the bottom of the <body>, use $arcgis.import to add the Portal, OAuthInfo, and IdentityManager modules.

The ArcGIS Maps SDK for JavaScript is available via CDN and npm, but this tutorial is based on CDN. The $arcgis.import global function accepts a module path or array of module paths, and returns a promise that resolves with the requested modules. This function can only be used when working with the CDN; otherwise, use the standard import syntax. To learn more about the SDK's different modules, visit the References page.

Expand
Use dark colors for code blocks
    <script type="module">

      const [Portal, OAuthInfo, esriId] = await $arcgis.import([
        "@arcgis/core/portal/Portal.js",
        "@arcgis/core/identity/OAuthInfo.js",
        "@arcgis/core/identity/IdentityManager.js",
      ]);


    </script>
Expand

Register credentials with Identity Manager

Go to the OAuth credentials item page and copy the Client ID.

Create an OAuthInfo object and set the appId with the copied client_id before you register it with IdentityManager.

Expand
Use dark colors for code blocks
      const [Portal, OAuthInfo, esriId] = await $arcgis.import([
        "@arcgis/core/portal/Portal.js",
        "@arcgis/core/identity/OAuthInfo.js",
        "@arcgis/core/identity/IdentityManager.js",
      ]);


      const info = new OAuthInfo({
        appId: "YOUR-CLIENT-ID",
        popup: false, // the default
      });
      esriId.registerOAuthInfos([info]);
Expand

Once you have registered your client_id with IdentityManager the ArcGIS Maps SDK for JavaScript will automatically prompt a user to authorize your application whenever it accesses a service that requires authentication. Create a sign in experience by accessing the users profiles with the Portal class.

Create a handleSignedIn function to be called when the user authorizes your application and then load the Portal. After the user provides authorization, obtain and display the fullName and username on the page.

Expand
Use dark colors for code blocks
      const info = new OAuthInfo({
        appId: "YOUR-CLIENT-ID",
        popup: false, // the default
      });
      esriId.registerOAuthInfos([info]);

      function handleSignedIn() {

        const portal = new Portal();
        portal.load().then(() => {
          const results = { name: portal.user.fullName, username: portal.user.username };
          document.getElementById("results").innerText = JSON.stringify(results, null, 2);
        });

      }

Expand

Call the checkSignInStatus method against a service URL. If the user has provided credentials, call the handleSignedIn function.

checkSignInStatus can accept a URL for any service. The default ArcGIS portal URL https://arcgis.com/sharing/rest/ is the easiest way to fully authenticate a user.

Expand
Use dark colors for code blocks
      const info = new OAuthInfo({
        appId: "YOUR-CLIENT-ID",
        popup: false, // the default
      });
      esriId.registerOAuthInfos([info]);

      esriId
        .checkSignInStatus(info.portalUrl + "/sharing")
        .then(() => {
          handleSignedIn();
        })

      function handleSignedIn() {

        const portal = new Portal();
        portal.load().then(() => {
          const results = { name: portal.user.fullName, username: portal.user.username };
          document.getElementById("results").innerText = JSON.stringify(results, null, 2);
        });

      }

Expand

Handle sign out

Create a handleSignedOut function when a user's credentials are destroyed.

Expand
Use dark colors for code blocks
      function handleSignedIn() {

        const portal = new Portal();
        portal.load().then(() => {
          const results = { name: portal.user.fullName, username: portal.user.username };
          document.getElementById("results").innerText = JSON.stringify(results, null, 2);
        });

      }

      function handleSignedOut() {
        document.getElementById("results").innerText = "Signed Out";
      }
Expand

Append a catch statement to call the handleSignedOut function when the user signs out.

Expand
Use dark colors for code blocks
      esriId
        .checkSignInStatus(info.portalUrl + "/sharing")
        .then(() => {
          handleSignedIn();
        })

        .catch(() => {
          handleSignedOut();

        });
Expand

Add event listeners

Call the getCredential method when a user clicks the sign-in button.

Expand
Use dark colors for code blocks
        .catch(() => {
          handleSignedOut();

        });

      document.getElementById("sign-in").addEventListener("click", function () {
        esriId.getCredential(info.portalUrl + "/sharing");
      });

Expand

Call the destroyCredentials method when a user clicks the sign-out button before reloading the page.

Expand
Use dark colors for code blocks
        .catch(() => {
          handleSignedOut();

        });

      document.getElementById("sign-in").addEventListener("click", function () {
        esriId.getCredential(info.portalUrl + "/sharing");
      });

      document.getElementById("sign-out").addEventListener("click", function () {
        esriId.destroyCredentials();
        window.location.reload();
      });
Expand

Run the App

You should now have an application that can check for credentials using OAuth 2.0.

What's next?

Learn how to use additional SDK features and ArcGIS services in these tutorials: