You will learn: how to use named user login credentials to access the ArcGIS Traffic Layer service.

The ArcGIS Platform supports several security methodologies that you can implement to access ArcGIS premium services and secure content. To implement OAuth 2.0, you can use your ArcGIS account to register an application and get a client id, and then configure your app to redirect users to login with their credentials when the service or content is accessed. This is known as the "named user login" authentication pattern. If the app uses premium services that consume credits, the user's account will be charged, not your account. Alternatively, you can use your own account to set up service proxies that allow your applications to access premium services without asking the user to authenticate themselves. In this case, your account is providing authentication and will be charged credits if credit-consuming services are used. This is known as the "app login" authentication pattern. To learn more about service proxies, see the Set up authenticated services lab.

In this lab you will implement OAuth 2.0 to redirect users to sign into ArcGIS so they can access the ArcGIS Traffic Layer service.

Before you begin

Make sure you have installed the latest version of Android Studio.

You will need an ArcGIS for Developers account. If you don't already have one, you can sign-up for free.

Reuse the starter project

In a new or empty project folder, make a copy of the Create a starter app or download and unzip the project solution.

  • Open the new Android project in Android Studio.
  • Run the project and verify the project builds and the map displays on the device simulator.
  • You may be required to sync the project dependencies.


Pre-configure OAuth2 for your app

  1. Register your app to generate a client id and set a redirect URI to access the secure service:

    1. Sign into ArcGIS for Developers.
    2. Select Dashboard + > New Application to create a new application.
    3. Fill in new application details then select Register New Application. Take note of the Client ID value that is automatically assigned to your app.
    4. On the Authentication tab use the Redirect URIs section to add my-devlab-app://auth.

Set the app settings

  1. Create an app_settings.xml resource file to hold your client id and custom redirect URI:

    1. In the Project view, right-click app and choose New > Android resource file.
    2. Set the File name to app_settings.xml.
    3. In Resource type choose Values.
    4. Leave the other options as default (Source set as main, Directory name as values) and click OK.
    5. In the new values file you created, add the following string elements:
    <?xml version="1.0" encoding="utf-8"?>
      <!-- *** ADD *** -->
      <string name="client_id">YOUR_CLIENT_ID</string>
      <string name="redirect_uri">my-devlab-app://auth</string>
    1. Replace the client_id and redirect_uri values with the values shown on the authentication tab of your application definition.

Set the default OAuth Intent Receiver

  1. Update the android manifest to indicate the Activity and intent filter to use to handle the redirect URI. The Android manifest file is located in the Project view under app > manifests > AndroidManifest.xml. Add the following <activity> tag, taking note of the scheme usage of your redirect URI:

    <activity android:name=".MainActivity">
        <action android:name="android.intent.action.MAIN"/>
        <category android:name="android.intent.category.LAUNCHER"/>
    <!-- *** ADD *** -->
            <action android:name="android.intent.action.VIEW"/>
            <category android:name="android.intent.category.DEFAULT"/>
            <category android:name="android.intent.category.BROWSABLE"/>
            <data android:scheme="my-devlab-app"/>

The next part of the project is to write the code to configure a DefaultAuthenticationChallengeHandler for OAuth.

Configure OAuth in the app

  1. The DefaultAuthenticationChallengeHandler handles all security types, including OAuth if you add an OAuthConfiguration to the AuthenticationManager.

    In the file app > java > {your.package.name} > MainActivity.java, add the following directly after setting the content view:

    // *** ADD ***
    String clientId = getResources().getString(R.string.client_id);
    String redirectUri = getResources().getString(R.string.redirect_uri);
    try {
        // configuration for OAuth access information against arcgis.com portal
        OAuthConfiguration oAuthConfiguration = new OAuthConfiguration("https://www.arcgis.com", clientId, redirectUri);
        // challenge handler using this activity to launch browser OAuth login
        DefaultAuthenticationChallengeHandler authenticationChallengeHandler = new DefaultAuthenticationChallengeHandler(this);
        // Authentication Manager manages authentication for OAuth configuration
    } catch (MalformedURLException e) {

Add private layer to your map's operational layers

  1. In the same file, append the following to the setupMap() method:

    // *** ADD ***
    ArcGISMapImageLayer traffic = new ArcGISMapImageLayer("https://traffic.arcgis.com/arcgis/rest/services/World/Traffic/MapServer");

Congratulations, you're done!

Your map should open on your device then load the installed browser app to allow OAuth login. Once successfully logged in you will return to the map with the traffic layer added.