My org uses ArcGIS Online and we have a number of python scripts currently using named users to authenticate with AGOL via the python api. The issue is that we must use a password policy and have passwords reset every x amount of days. The API does not seem to have any way to check when an accounts password will expire. Problematic as I have 5 or 6 accounts running scripts (use a dedicated account for each grouping of servers to prevent conflicts as 1 account can only be used on 3 machines at a time) and it's a hassle to manual manage all of them. I want to be programmatically check when a password will need to be changed so I can automate the reset and updating of the stored passwords in protected directories.
Before I come up with my own solution, I was wondering if there is a better way to deal with this? Maybe I missed something and there is a more permanent way to authenticate without using an on-prem Portal. Or there is something in the API refs I missed. It seems I'll have to store a log of when passwords were reset.
As far as I can tell from the documentation this or using ArcGIS Pro authentication are the only ways to connect to AGOL and run our scripts...pro auth token will only last two weeks so that's out of the window (unless there is someway to specify a longer default token parameter for Pro with AGOL, but there does not seem to be)
Hi @CarlVricella,
You can use an Oauth2.0 Application to generate your token:
1. In ArcGIS Online go to Content > New Item > Application
2. Other application > Next
3. Specify a Title and Tags and click Save
4. In the Items Details of the new application, click the Settings tab
5. Scroll down and click Registered Info
6. Copy the App ID and App Secret
7. You can then use this to generate a token:
import requests, json
# Generate Token
try:
params = {
'client_id': clientId,
'client_secret': clientSecret,
'grant_type': "client_credentials",
}
request = requests.get('https://www.arcgis.com/sharing/oauth2/token', params=params)
response = request.json()
token = response["access_token"]
except Exception as e:
errorLog("Error generating token", e)
Correct, the expiration of the application owner's password should not interfere.
and I can provide this token to initiate a connection AGOL via the python api's GIS module?
Unfortunately, not with the ArcGIS API for Python. When trying to do so, a browser is opened asking for credentials.
https://developers.arcgis.com/python/guide/working-with-different-authentication-schemes/
is OAuth still not support by the python API?