We are running into issues passing the OAuth Code to access protected feature classes using the URL Parameter in the Feature Layer class in the ArcGIS GIS API.
Is this an intended use of the OAuth code? Or should we be approaching this another way?
const layer = new FeatureLayer({
url: "{{ URL_TO_FEATURE_SERVER }}/0?token={{ CODE_FROM_OAUTH}}",
});
@JoelBennett @UndralBatsukh @Sage_Wall @jcarlson @LaurenBoyd @AndyGup Any insight is appreciated!
I haven't used OAuth, so can't answer your questions directly. What I can tell you, though, is that the FeatureLayer constructor strips off the query string from the URL. To include query string parameters that go along with the service requests, you'll need to use customParameters instead. For example:
const layer = new FeatureLayer({
url: "https://server/arcgis/serviceName/FeatureServer/0",
customParameters: {
token: "CODE_FROM_OATH"
}
});
This would work until the token expires, and then the layer would stop working unless you refresh the token. Perhaps a better solution would be to make use of IdentityManager.registerToken instead. This would automatically append the token to any service requests from the matching server path.
Hi @GraceTortorici_ -
OAuth works with the IdentityManager provided by the SDK. These codes do not work like ArcGIS tokens where you can append them to a secure service's token parameter to gain access. More information on how OAuth works with ArcGIS in general can be found here: https://developers.arcgis.com/documentation/mapping-apis-and-services/security/oauth-2.0/ and JS SDK specific information on user logins with OAuth can be found here: https://developers.arcgis.com/javascript/latest/secure-resources/#user-logins
Here is a tutorial on how to authenticate using an ArcGIS identity with the ArcGIS Maps SDK for JavaScript that shows you how to work with OAuth and set up the Identity Manager: https://developers.arcgis.com/javascript/latest/authenticate-with-an-arcgis-identity/
Hope this helps!