Learn how to create OAuth credentials to support user authentication.
OAuth credentials are an item required to implement most user authentication workflows. They contain the client and redirect parameters that are used to implement all OAuth 2.0 user authentication flows. The item page of OAuth credentials allows you to manage settings related to app authentication, including the allowed redirect URLs of an application.
This tutorial shows you how to create OAuth credentials for use in user authentication OAuth 2.0 flows.
Prerequisites
You need an ArcGIS Location Platform account, an ArcGIS Online account, or an ArcGIS Enterprise account.
Steps
Create OAuth credentials
-
Sign in to your portal.
- If you have an ArcGIS Location Platform account, go to https://location.arcgis.com and sign in. In the dashboard, click My portal to go to your portal.
- If you have an ArcGIS Online account, go to https://arcgis.com and sign in.
-
In your portal, click Content > My content > New item.
-
Click Developer credentials.
-
Click OAuth 2.0 credentials and click Next.
Need troubleshooting help?
If the Developer credentials option is not visible when creating a new item, your ArcGIS Online account does not have the correct permissions. You need an ArcGIS account with a user type of Creator or higher. Learn more about user types in the ArcGIS Online documentation.
Make sure the redirect URL in your OAuth credential is the same with the redirect URL in your callback page. This URL varies based on your application and typically takes the format of https.
For example, if you are running an application on http, set http as the redirect URL in the index.html file, callback.html file, and the settings of your OAuth credential. They all have to match!
Still need help? Go to the Security and authentication guide.
Save the item
After configuring your OAuth credentials, you can save the credentials as a new item.
-
Under Redirect URLs, add the URL that you want to direct users to after completing authentication. This URL varies based on your application and typically takes the format of
"httpsor:// <server >[ :port]/callback.html" "http. This is a valid web page or server endpoint to which a user can be redirected after successful sign in.://my-arcgis-app :/auth" - For example, if you are running an application on
https, add://localhost :8080 httpsto the list of redirect URLs. The exact URL depends on the name of your callback page and the programming language you are using.://localhost :8080/callback.html
- For example, if you are running an application on
-
Under Application environment, select the type of environment your application will run in. This will affect when the OAuth credentials appear in portal search results. Then, click Next.
-
In the Privileges window, click Next. These properties are not required in user authentication.
-
In the Item access window, click Skip. These properties are not required in user authentication.
-
In the Create developer credentials window, set the following properties:
- Title:
My OAuth credentials (for user authentication) - Folder:
Developer credentials(Create a new folder) - Tags:
User authentication - Description: Describe the application that these developer credentials will be used in.
Click Next.
- Title:
-
In the Summary window, review the properties and redirect URL you have set.
-
Click Create to create your OAuth credentials.
Copy the client ID and redirect URL
Your OAuth credentials contain a client parameter that is required to implement user authentication. Copy this value, as well as your provided redirect URL, and paste them into your application.
-
On the item page of your OAuth credentials, scroll down to Credentials.
-
Copy the Client ID value and paste it into your application.
-
Click the Manage button to go to the Settings tab.
-
Under Redirect URLs, copy the redirect URL you provided earlier. Paste it into your application.
Now you have a client ID and a redirect URL to enable user authentication in your application.