Select to view content in your preferred language

Access token to access private ArcGIS enterprise contents

790
3
Jump to solution
08-29-2023 03:07 AM
Fer
by
Emerging Contributor

Hi,

We are trying to access some private layers stored in our ArcGIS enterprise hosting. The examples provided don’t seem to work, so we implemented our own method to generate and retrieve the token using OAuth 2.0. However even with the token I cannot access the private layers.

I tried to set the token parameter in this way (see https://developers.arcgis.com/documentation/mapping-apis-and-services/security/):

 

var layer_1 = new Esri.GameEngine.Layers.ArcGISImageLayer("https://<LOCATION_SERVICE_URL>?token=<ACCESS_TOKEN>", “UN_Map_Imagery", 1.0f, true, "");
arcGISMap.Layers.Add(layer_1);

 

Or putting the token as API key like that:

 

var layer_1 = new Esri.GameEngine.Layers.ArcGISImageLayer("<my rest service>", “UN_Map_Imagery", 1.0f, true, "<access_token>");
arcGISMap.Layers.Add(layer_1);

 

 

But none of these methods work. From the log, when I am trying to access the layer I am always getting:  Error (Propagated error.)

Any suggestions?

 

Many thanks,

Ferdinando

0 Kudos
1 Solution

Accepted Solutions
ZackAllen
Esri Contributor

Hi Ferdinando, thank you for reaching out.
Appending the token to the service URL is not a valid workflow. Using the token you have, you can construct a credential in code. I recommend trying the following.

var credential = new ArcGISOAuthAuthorizationCredential("<ACCESSTOKEN>", DateTimeOffset.MaxValue, "<REFRESHTOKEN>");

var authenticationConfiguration = new ArcGISOAuthAuthenticationConfiguration("<CLIENTID>".Trim(), "<CLIENTSECRET>", "<REDIRECTURI>".Trim(), credential);
	
ArcGISAuthenticationManager.AuthenticationConfigurations.Add("<SERVICEURL>", authenticationConfiguration);

 
Also, I am curious why the provided OAuth sample did not work with your data. ArcGISOAuthAuthenticationConfiguration has a AuthorizationCredentialIssuedEvent. It might be worth checking if this event fires when attempting to authenticate using the pattern in the OAuth sample.

I hope this helps, please let me know if you have further questions.

Zack

View solution in original post

0 Kudos
3 Replies
ZackAllen
Esri Contributor

Hi Ferdinando, thank you for reaching out.
Appending the token to the service URL is not a valid workflow. Using the token you have, you can construct a credential in code. I recommend trying the following.

var credential = new ArcGISOAuthAuthorizationCredential("<ACCESSTOKEN>", DateTimeOffset.MaxValue, "<REFRESHTOKEN>");

var authenticationConfiguration = new ArcGISOAuthAuthenticationConfiguration("<CLIENTID>".Trim(), "<CLIENTSECRET>", "<REDIRECTURI>".Trim(), credential);
	
ArcGISAuthenticationManager.AuthenticationConfigurations.Add("<SERVICEURL>", authenticationConfiguration);

 
Also, I am curious why the provided OAuth sample did not work with your data. ArcGISOAuthAuthenticationConfiguration has a AuthorizationCredentialIssuedEvent. It might be worth checking if this event fires when attempting to authenticate using the pattern in the OAuth sample.

I hope this helps, please let me know if you have further questions.

Zack

0 Kudos
Fer
by
Emerging Contributor

Hi Zack,

Many thanks for your reply. This is exactly what we were looking for.

We also managed to make OAuth sample work, even though there are some unexpected behaviour. The problem for us was in the redirect uri setting.

Many thanks,

Ferdinando

 

 

0 Kudos
nilskuhn
New Contributor

Hi,

I am trying to access layers from a private ArcGIS GDI, too. I am trying it programmatically, using and adjusting the examples from:

/Assets/Samples/ArcGIS Maps SDK for Unity/1.4.0/Sample Content/Scenes/Scripts/Security

Using http://127.0.0.1:7070 as redirectUrl, it works until we are getting the authorization code from authorize endpoint within the running web server inside unity application. But in line 45 of SampleOAuthAuthenticationChallengeHandler.cs, the code ist passed to a Respond method, which expects a token.

So, to me, it looks like a POST request to token endpoint, exchanging the authorization code into an actual token is missing?!

if (authorizationCode != null){						 
    oauthAuthenticationChallenge.Respond(authorizationCode);
}

I can implement that request on my own, for sure, but how is the exemple extended? Or am I missing something?

Thanks for any help, regards, Nils

0 Kudos