Skip To Content ArcGIS for Developers Sign In Dashboard

AuthenticationManager QML Type

A singleton instance to manage authentication. More...

Import Statement: import Esri.ArcGISRuntime 100.6
Since: Esri.ArcGISRuntime 100.0
Inherits:

Object

Properties

Signals

Methods

Detailed Description

Note: You cannot declare or create a component of this type in QML code. Rather, an instance is automatically created and only that single instance is available for use in the application.

This type allows you to manage authentication/security related tasks.

It emits the authenticationChallenge signal whenever an authentication or security issue is encountered anywhere in the API.

The following types of challenges can be raised by the AuthenticationManager:

  • Enums.AuthenticationChallengeTypeUsernamePassword - Challenges needing username and/or password authentication.
  • Enums.AuthenticationChallengeTypeOAuth - Challenges needing an OAuth authorization code.
  • Enums.AuthenticationChallengeTypeClientCertificate - Challenges needing a client certificate to be provided.
  • Enums.AuthenticationChallengeTypeSslHandshake - Challenges needing a response to certain SSL errors, usually an untrusted host due to a self-signed certificate.

To handle authentication challenges in the UI automatically, import the Esri.ArcGISRuntime.Dialogs module and declare the AuthenticationView component. Populate the authenticationManager property of the view with the AuthenticationManager in order to connect to its authenticationChallenge signal.

It also contains an instance of a CredentialCache which maintains an in-memory cache of credentials that have been used previously to satisfy authentication challenges. This allows a credential to be reused where appropriate, and prevents unnecessary or duplicate challenges from being issued while accessing secure resources from the same security realm. Caching happens automatically if the credentialCacheEnabled property is true.

Note: When the user wants to sign out, the CredentialCache.removeAllCredentials() method must be called explicitly to clear the credential cache.

Property Documentation

clientCertificateInfos : list<string>

Gets a list of client certfication information available from the authentication manager to be used for a client certification authentication challenge (read-only).

Use the index of this list to respond to a client certificate authentication challenge with AuthenticationChallenge::continueWithClientCertificate.


credentialCache : CredentialCache

Returns the credential cache being maintained by the authentication manager (read-only).

The cache contains credentials that have been previously used to satisfy authentication challenges. This allows a credential to be reused, where appropriate, and prevent unnecessary or duplicate challenges from being issued while accessing secure resources from the same security realm.


credentialCacheEnabled : bool

Whether credential caching is automatically enabled.


Signal Documentation

authenticationChallenge(AuthenticationChallenge challenge)

Emitted when a response from an authentication challenge is required.

The challenge parameter contains information about the security error that caused the challenge. It also contains methods to set a new credential.

In the workflow where a sign-in dialog should be displayed when there is a challenge, the following workflow is recommended:

  • Create a dialog that contains a custom property to store the challenge that is passed through from the signal.
  • Set up a signal handler for the authenticationChallenge signal. This can be done by using the QML Connections component and setting the target to the instance of AuthenticationManager, or by using QML's connect() method that is available on all signal objects. See the QML Signal and Handler Event System documentation for further information on how to make the connection using these methods.
  • In the signal handler, obtain the challenge, and set your dialog's custom property to the challenge that is returned. This is important because if the challenge instance is not maintained in a property, it will be destroyed after the function is exited and goes out of scope. The challenge must be maintained while the user is entering their credentials to avoid a failure.
  • Once the user is done supplying their username and password, create a Credential with that information. Then, call the continueWithCredential method on the challenge, and pass in the Credential object.

Since Esri.ArcGISRuntime 100.1, authentication challenges occur sequentially. The application or user must respond to a challenge request to allow following challenges in the queue to be emitted.


clientCertificateInfosChanged()

Emitted when the clientCertificateInfos property changes.


clientCertificatePasswordRequired(url certificate)

Emitted when a password is required to add a client certificate with addClientCertificate.


credentialCacheEnabledChanged()

Emitted when the credentialCacheEnabled property changes.


fetchLoginTypeForUrlCompleted(LoginType loginType)

Emitted when the fetchLoginTypeForUrl method completes.

This QML signal was introduced in Esri.ArcGISRuntime 100.2.


Method Documentation

bool addClientCertificate(url clientCertificate, string password)

Adds a client certifcate to the authentication manager by providing a path to a clientCertificate file and and optional password for the certificate.

This function returns true if the certificate was successfully added, or returns false if the certificate file could not be opened or if the password was incorrect.


void fetchLoginTypeForUrl(url url)

Checks the login type for the given portal url.

Requests the LoginType for a given url, and emits the fetchLoginTypeForUrlCompleted signal when finished. The loginType that is passed through the signal as a parameter will return as Unknown if an error occurred or if the URL is invalid.

This QML method was introduced in Esri.ArcGISRuntime 100.2.



Feedback on this topic?