Most ArcGIS portals contain a considerable amount of content that is not public, but is instead secured and shared with the entire organization or specific groups. To access this secured content, users must authenticate with the portal.
The portal object will have access to all the secure content for which the user has access privileges and can be used to find out more information about the user, such as the user's full name (instead of the account user name). Additionally, information about the organization such as the name, banner image, description, and so on, can be read. Apps often make use of this information when a user connects to a specific portal, to show the user organization branding and context.
Typically, the portal object with the authenticated user is cached and used throughout the app session, to provide the app with a view of a portal that is centered around a single user. When the app is restarted, the credential must be reinstated, or the user must repeat the authentication process.
Access tokens
Accessing secured content requires an access token. The most common access tokens in ArcGIS are OAuth 2.0 tokens and API keys. For information on authentication in ArcGIS Maps SDK for Kotlin, see Security and Authentication in this guide. For steps to obtain user authentication or API key credentials, see Create developer credentials.
Accessing secured content in ArcGIS Online requires that you authenticate with the portal. You can do this by creating a Portal
instance with the Portal.
connection type. Then your app must apply the access token.
The workflow for accessing secured content is as follows:
- Apply the access token in your app code.
- Create a
Portal
instance with thePortal.
connection type.Connection. Authenticated
Access using OAuth
When accessing secured content using OAuth 2.0 credentials, the user's ArcGIS account must be of the correct user type and have the necessary privileges.
The code below uses the function AuthenticatorState()
and the composable DialogAuthenticator
, both from the ArcGIS Maps SDK for Kotlin toolkit, to obtain an access token using OAuth 2.0 credentials. For information on using the toolkit authentication module in your app, see Security and authentication.
@Composable
fun MapScreen3() {
val coroutineScope = rememberCoroutineScope()
val authenticatorState by remember { mutableStateOf(AuthenticatorState()) }
authenticatorState.oAuthUserConfigurations = listOf(
OAuthUserConfiguration(
portalUrl = "https://www.arcgis.com",
clientId = "Your client ID goes here",
redirectUrl = "Your redirect URL goes here"
)
)
connectToPortal(coroutineScope)
DialogAuthenticator(authenticatorState = authenticatorState)
}
fun connectToPortal(coroutineScope: CoroutineScope) {
val portal = Portal(
url = "https://<yourorg>.maps.arcgis.com",
connection = Portal.Connection.Authenticated
)
}
The code is the same whether connecting to ArcGIS Online or ArcGIS Enterprise. The only difference is the URL. For information on accessing ArcGIS Enterprise, see the Getting started using ArcGIS Enterprise.
Access using an API key
An API key must have the required privileges for the content being accessed. You can apply the key to the ArcGISEnvironment
class so it's available across the entire application. For information on using API Keys in your app, see Security and authentication in this guide.
For an example of API key use in an app, see any of the ArcGIS Maps SDK for Kotlin tutorials, such as Display a map.
ArcGISEnvironment.apiKey = ApiKey.create(YOUR_ACCESS_TOKEN)