topic Authorize token without user password in ArcGIS API for Python Questions https://community.esri.com/t5/arcgis-api-for-python-questions/authorize-token-without-user-password/m-p/777488#M1046 <HTML><HEAD></HEAD><BODY><P>My question involves both Javascript and Python, so I'll post in both forums.</P><P></P><P>I'm developing an API for custom geoprocessing tasks done in Python, and I'm trying to use AGOL Oauth2 authentication to authorize users to using my API.</P><P></P><P>Here's the flow :</P><P></P><P>1) User a custom WebAppBuilder application, and logs in via his AGOL Organization</P><P>2) Custom Javascript code makes a requests to the custom API and appends a Token</P><P>3) Python then makes a request to verify if this token is valid.</P><P></P><P>My problem here is with steps 1 and 2, 2 being the related to this forum.</P><P></P><P>Pseudo example&nbsp; of python API:</P><PRE class="lia-code-sample line-numbers language-none"><CODE><SPAN class="keyword token">def</SPAN> <SPAN class="token function">authenticate</SPAN><SPAN class="punctuation token">(</SPAN>request<SPAN class="punctuation token">)</SPAN><SPAN class="punctuation token">:</SPAN> token <SPAN class="operator token">=</SPAN> request<SPAN class="punctuation token">.</SPAN>token <SPAN class="comment token">#Or whatever other information is necessary</SPAN> valid <SPAN class="operator token">=</SPAN> arcpy<SPAN class="punctuation token">.</SPAN>isAuthenticated<SPAN class="punctuation token">(</SPAN>token<SPAN class="punctuation token">)</SPAN> <SPAN class="comment token">#Just a pseudo example</SPAN> <SPAN class="keyword token">if</SPAN> valid<SPAN class="punctuation token">:</SPAN> <SPAN class="keyword token">return</SPAN> Response<SPAN class="punctuation token">.</SPAN>ok<SPAN class="punctuation token">(</SPAN><SPAN class="punctuation token">)</SPAN> <SPAN class="keyword token">return</SPAN> Response<SPAN class="punctuation token">.</SPAN>fail<SPAN class="punctuation token">(</SPAN><SPAN class="punctuation token">)</SPAN>‍‍‍‍‍‍ </CODE></PRE><P></P><P>All I need is to Authorize the token, <STRONG>NOT</STRONG>&nbsp; Authenticate.</P><P></P><P>I just need the OAuth server to tell me this Token is valid and not expired.</P><P></P><P>Or I'm also open to other suggestions to implement authorization in my API without requesting user credentials (as he already is logged in)</P></BODY></HTML> Sun, 12 Dec 2021 08:44:40 GMT GeoprocessamentoCarusoJR 2021-12-12T08:44:40Z Authorize token without user password https://community.esri.com/t5/arcgis-api-for-python-questions/authorize-token-without-user-password/m-p/777488#M1046 <HTML><HEAD></HEAD><BODY><P>My question involves both Javascript and Python, so I'll post in both forums.</P><P></P><P>I'm developing an API for custom geoprocessing tasks done in Python, and I'm trying to use AGOL Oauth2 authentication to authorize users to using my API.</P><P></P><P>Here's the flow :</P><P></P><P>1) User a custom WebAppBuilder application, and logs in via his AGOL Organization</P><P>2) Custom Javascript code makes a requests to the custom API and appends a Token</P><P>3) Python then makes a request to verify if this token is valid.</P><P></P><P>My problem here is with steps 1 and 2, 2 being the related to this forum.</P><P></P><P>Pseudo example&nbsp; of python API:</P><PRE class="lia-code-sample line-numbers language-none"><CODE><SPAN class="keyword token">def</SPAN> <SPAN class="token function">authenticate</SPAN><SPAN class="punctuation token">(</SPAN>request<SPAN class="punctuation token">)</SPAN><SPAN class="punctuation token">:</SPAN> token <SPAN class="operator token">=</SPAN> request<SPAN class="punctuation token">.</SPAN>token <SPAN class="comment token">#Or whatever other information is necessary</SPAN> valid <SPAN class="operator token">=</SPAN> arcpy<SPAN class="punctuation token">.</SPAN>isAuthenticated<SPAN class="punctuation token">(</SPAN>token<SPAN class="punctuation token">)</SPAN> <SPAN class="comment token">#Just a pseudo example</SPAN> <SPAN class="keyword token">if</SPAN> valid<SPAN class="punctuation token">:</SPAN> <SPAN class="keyword token">return</SPAN> Response<SPAN class="punctuation token">.</SPAN>ok<SPAN class="punctuation token">(</SPAN><SPAN class="punctuation token">)</SPAN> <SPAN class="keyword token">return</SPAN> Response<SPAN class="punctuation token">.</SPAN>fail<SPAN class="punctuation token">(</SPAN><SPAN class="punctuation token">)</SPAN>‍‍‍‍‍‍ </CODE></PRE><P></P><P>All I need is to Authorize the token, <STRONG>NOT</STRONG>&nbsp; Authenticate.</P><P></P><P>I just need the OAuth server to tell me this Token is valid and not expired.</P><P></P><P>Or I'm also open to other suggestions to implement authorization in my API without requesting user credentials (as he already is logged in)</P></BODY></HTML> Sun, 12 Dec 2021 08:44:40 GMT https://community.esri.com/t5/arcgis-api-for-python-questions/authorize-token-without-user-password/m-p/777488#M1046 GeoprocessamentoCarusoJR 2021-12-12T08:44:40Z