Accessing private content without login screen prompt

02-17-2021 01:32 PM
New Contributor

My organization is working on an app using the JS API that would allow other organizations to view their private content from ArcGIS Online on a map within our application. We plan to surface private content via REST endpoint URLs that originate in the user's ArcGIS Online account. We do not want the user to have to use a login screen to access the private content; rather, we'd like the user to be able to give their username/password somewhere in our app's settings beforehand, and then automatically see their private content when accessing the map. I've been working through the IdentityManager documentation to find a way to surface private content on maps without prompting the user with a login screen, and have come to the solution below that passes username and password to get an ArcGIS token, and then registering the token and adding the private feature layer to the map if the there is a token response. I was wondering whether anyone could comment on whether this looks like a valid approach and whether it's within TOU for the JS API - I find the documentation around authentication a bit confusing, so just looking for a sanity check 🙂 thanks!!


        var tokenUrl = ""
        var requestParams = {
            method: "post",
            query: {
              username: 'USERNAME',
              password: 'PASSWORD',
              referer: window.location.origin 
        esriRequest(tokenUrl, requestParams).then(response => {
          var token =          
            server: "",
            token: token
          if (response) 
            var privateLayer = new FeatureLayer({
              url: "PRIVATE LAYER URL"





0 Kudos
0 Replies