AuthenticationManager QML Type

  • Esri.ArcGISRuntime
  • AuthenticationManager
  • A singleton instance to manage authentication. More...

    Import Statement: import Esri.ArcGISRuntime
    Since: Esri.ArcGISRuntime 100.0





    Detailed Description

    Note: You cannot declare or create a component of this type in QML code. Rather, an instance is automatically created and only that single instance is available for use in the application.

    This type allows you to manage authentication/security related tasks.

    It emits the authenticationChallenge signal whenever an authentication or security issue is encountered anywhere in the API.

    The following types of challenges can be raised by the AuthenticationManager:

    • Enums.AuthenticationChallengeTypeUsernamePassword - Challenges needing username and/or password authentication.
    • Enums.AuthenticationChallengeTypeOAuth - Challenges needing an OAuth authorization code.
    • Enums.AuthenticationChallengeTypeClientCertificate - Challenges needing a client certificate to be provided.
    • Enums.AuthenticationChallengeTypeSslHandshake - Challenges needing a response to certain SSL errors, usually an untrusted host due to a self-signed certificate.

    To handle authentication challenges in the UI automatically, import the Esri.ArcGISRuntime.Toolkit module and declare the AuthenticationView component.

    It also contains an instance of a CredentialCache which maintains an in-memory cache of credentials that have been used previously to satisfy authentication challenges. This allows a credential to be reused where appropriate, and prevents unnecessary or duplicate challenges from being issued while accessing secure resources from the same security realm. Caching happens automatically if the credentialCacheEnabled property is true.

    Note: When the user wants to sign out, the CredentialCache.removeAllCredentials() method must be called explicitly to clear the credential cache.

    Property Documentation

    [read-only] clientCertificateInfos : list<string>

    Gets a list of client certfication information available from the authentication manager to be used for a client certification authentication challenge (read-only).

    Use the index of this list to respond to a client certificate authentication challenge with AuthenticationChallenge::continueWithClientCertificate.

    [read-only] credentialCache : CredentialCache

    Returns the credential cache being maintained by the authentication manager (read-only).

    The cache contains credentials that have been previously used to satisfy authentication challenges. This allows a credential to be reused, where appropriate, and prevent unnecessary or duplicate challenges from being issued while accessing secure resources from the same security realm.

    credentialCacheEnabled : bool

    Whether credential caching is automatically enabled.

    By default, automatic caching is enabled.

    Signal Documentation

    authenticationChallenge(AuthenticationChallenge challenge)

    Emitted when a response from an authentication challenge is required.

    The challenge parameter contains information about the security error that caused the challenge. It also contains methods to set a new credential.

    In the workflow where a sign-in dialog should be displayed when there is a challenge, the following workflow is recommended:

    • Create a dialog that contains a custom property to store the challenge that is passed through from the signal.
    • Set up a signal handler for the authenticationChallenge signal. This can be done by using the QML Connections component and setting the target to the instance of AuthenticationManager, or by using QML's connect() method that is available on all signal objects. See the QML Signal and Handler Event System documentation for further information on how to make the connection using these methods.
    • In the signal handler, obtain the challenge, and set your dialog's custom property to the challenge that is returned. This is important because if the challenge instance is not maintained in a property, it will be destroyed after the function is exited and goes out of scope. The challenge must be maintained while the user is entering their credentials to avoid a failure.
    • Once the user is done supplying their username and password, create a Credential with that information. Then, call the continueWithCredential method on the challenge, and pass in the Credential object.

    Since Esri.ArcGISRuntime 100.1, authentication challenges occur sequentially. The application or user must respond to a challenge request to allow following challenges in the queue to be emitted.

    Note: The corresponding handler is onAuthenticationChallenge.


    Emitted when the clientCertificateInfos property changes.

    Note: The corresponding handler is onClientCertificateInfosChanged.

    clientCertificatePasswordRequired(url certificate)

    Emitted when a password is required to add a client certificate with addClientCertificate.

    Note: The corresponding handler is onClientCertificatePasswordRequired.


    Emitted when the credentialCacheEnabled property changes.

    Note: The corresponding handler is onCredentialCacheEnabledChanged.

    [since Esri.ArcGISRuntime 100.2] fetchLoginTypeForUrlCompleted(LoginType loginType)

    Emitted when the fetchLoginTypeForUrl method completes the fetch for loginType.

    Note: The corresponding handler is onFetchLoginTypeForUrlCompleted.

    This signal was introduced in Esri.ArcGISRuntime 100.2.

    Method Documentation

    bool addClientCertificate(url clientCertificate, string password)

    Adds a client certifcate to the authentication manager by providing a path to a clientCertificate file and and optional password for the certificate.

    This function returns true if the certificate was successfully added, or returns false if the certificate file could not be opened or if the password was incorrect.

    [since Esri.ArcGISRuntime 100.2] void fetchLoginTypeForUrl(url url)

    Checks the login type for the given portal url.

    Requests the LoginType for a given url, and emits the fetchLoginTypeForUrlCompleted signal when finished. The loginType that is passed through the signal as a parameter will return as Unknown if an error occurred or if the URL is invalid.

    This method was introduced in Esri.ArcGISRuntime 100.2.

    Your browser is no longer supported. Please upgrade your browser for the best experience. See our browser deprecation post for more details.