Tutorial: Create OAuth credentials for user authentication

Learn how to create an OAuth credential to set up user authentication.

The developer credentials creation interface in a portal

OAuth credentials are required to set up user authentication. When a user signs in with user authentication, a user token is generated to authorize access to ArcGIS services on their behalf. An OAuth credential includes a client_id and a redirect_uri, which are used to initiate the authentication flow.

This tutorial shows you how to create OAuth credentials for use in user authentication.

Prerequisites

You need an ArcGIS Location Platform account or an ArcGIS Online account.

Steps

Create OAuth credentials

Sign in to your portal.
- ArcGIS Location Platform: Go to https://location.arcgis.com and sign in. In the dashboard, click My portal to go to your portal.
- ArcGIS Online: Go to https://arcgis.com and sign in.
In your portal, click Content > My content > New item.
Click Developer credentials.
Click OAuth 2.0 credentials and click Next.

Need troubleshooting help?

If the Developer credentials option is not visible when creating a new item, your ArcGIS Online account does not have the correct permissions. You need an ArcGIS account with a user type of Creator or higher. Learn more about user types in the ArcGIS Online documentation.

Make sure the redirect URL in your OAuth credential is the same with the redirect URL in your callback page. This URL varies based on your application and typically takes the format of https://<server>[:port]/callback.html.

For example, if you are running an application on http://127.0.0.1:5500/, set http://127.0.0.1:5500/callback.html as the redirect URL in the index.html file, callback.html file, and the settings of your OAuth credential. They all have to match!

Still need help? Go to the Security and authentication guide.

Save the item

After configuring your OAuth credentials, you can save the credentials as a new item.

Under Redirect URLs, add the URL that you want to direct users to after completing authentication. This URL varies based on your application and typically takes the format of "https://<server>[:port]/callback.html" or "http://my-arcgis-app:/auth". This is a valid web page or server endpoint to which a user can be redirected after successful sign in.
- For example, if you are running an application on https://localhost:8080, add https://localhost:8080/callback.html to the list of redirect URLs. The exact URL depends on the name of your callback page and the programming language you are using.
Under Application environment, select the type of environment your application will run in. This will affect when the OAuth credentials appear in portal search results. Then, click Next.
In the Privileges window, click Next. These properties are not required in user authentication.
In the Item access window, click Skip. These properties are not required in user authentication.
In the Create developer credentials window, set the following properties:
- Title: My OAuth credentials (for user authentication)
- Folder: Developer credentials (Create a new folder)
- Tags: User authentication
- Description: Describe the application that these developer credentials will be used in.
Click Next.
In the Summary window, review the properties and redirect URL you have set.
Click Create to create your OAuth credentials.

Copy the client ID and redirect URL

Your OAuth credentials contain a client_id parameter that is required to implement user authentication. Copy this value, as well as your provided redirect URL, and paste them into your application.

On the item page of your OAuth credentials, scroll down to Credentials.
Copy the Client ID value and paste it into your application.
Click the Manage button to go to the Settings tab.
Under Redirect URLs, copy the redirect URL you provided earlier. Paste it into your application.

Now you have a client ID and a redirect URL to enable user authentication in your application.