topic Re: inconsistent support for auth headers in ArcGIS Location Platform Developers Ques.

inconsistent support for auth headers

msuk1 — Fri, 13 Dec 2024 20:33:02 GMT

Hi team,

I am trying to use an open source library to display arcgis vector tiles in my app.
The library specifies authorisation via http auth headers, which should be supported as per docs:
https://developers.arcgis.com/documentation/security-and-authentication/reference/http-header-authentication/

I find that this is not the case for some endpoints, eg:
https://basemaps-api.arcgis.com/arcgis/rest/services/World_Basemap_v2/VectorTileServer
It requires an explicit token param.

Can you please check how I can specify auth headers for this endpoint?

Thanks.

Re: inconsistent support for auth headers

msuk1 — Fri, 13 Dec 2024 21:32:30 GMT

On second thought the library may be doing the wrong thing.
I see that initial request to get the tiles url contains the token so that should work without the auth header.
I don't see an option to delete this post.

Re: inconsistent support for auth headers

John-Foster — Wed, 18 Dec 2024 00:01:46 GMT

@msuk1the way to do this is to call the basemap style service with your authentication token in the header as documented here: https://developers.arcgis.com/rest/basemap-styles/arcgis-navigation-style-get/#token

subsequent tile requests should then supply the token. This is typically done with the mapping library. You can review some of the open-source implementations provided on https://developers.arcgis.com/documentation/#open-source-mapping-libraries, Esri Leaflet is a popular one that demonstrates this.

Re: inconsistent support for auth headers

msuk1 — Wed, 18 Dec 2024 11:27:31 GMT

Thanks John, that's what I realised eventually.
The style contains a source field, and the library I amusing was making a subsequent request to the url specified in the source.
There's no obvious reason for it so I have asked the library owner to fix it.