Using token based secured services

628
3
Jump to solution
09-04-2013 12:15 PM
YimanSong
New Contributor III
New to JS

How do I embed credentials in order to use a secured service? Can anyone provide samples on how to use IdentityManagerBase?
0 Kudos
1 Solution

Accepted Solutions
KenBurcham
Occasional Contributor
What I tend to do is just append the token to the end of my service urls:

http: // data.yourdomain.com/arcgis/rest/services/SomeMapService/MapServer/0?token=AREALLYLONGSTRING

This works fine, but with the down-side that said url (and token) will be available to view from the client.  However, when I generate my token, I use the http referrer method, which means the token is useless unless coming from my own server folder.  But as John said above, the proxy method works great, too (and is required when doing things like feature editing).

ken.

View solution in original post

0 Kudos
3 Replies
JohnGravois
Frequent Contributor
if you want to enable users to access secure services without signing in, one valid approach is to use a proxy to hide the credentials or token.
0 Kudos
YimanSong
New Contributor III
if you want to enable users to access secure services without signing in, one valid approach is to use a proxy to hide the credentials or token.


How does token work, if it doesn't require proxy?
0 Kudos
KenBurcham
Occasional Contributor
What I tend to do is just append the token to the end of my service urls:

http: // data.yourdomain.com/arcgis/rest/services/SomeMapService/MapServer/0?token=AREALLYLONGSTRING

This works fine, but with the down-side that said url (and token) will be available to view from the client.  However, when I generate my token, I use the http referrer method, which means the token is useless unless coming from my own server folder.  But as John said above, the proxy method works great, too (and is required when doing things like feature editing).

ken.

View solution in original post

0 Kudos