ArcGIS Online token in ArcGIS Pro

02-03-2016 06:53 AM
New Contributor II


Using the ArcGIS Pro SDK, is there a way to get hold of the ArcGIS Online or Portal token? I found out that you could do that in the Javascript API ( and the ArcObjects SDK (, but could not find anything equivalent for ArcGIS Pro SDK.

I am aware the EsriHttpClient class would include the token in requests made to ArcGIS Online, but I want to make requests to a service which uses ArcGIS Online for authorization, so I need to use the actual token.


0 Kudos
3 Replies
New Contributor

Hi Tung Nghiem,

Currently there is no public API to hand out a token to the user. We are still evaluating the need to do so, given that we have provided EsriHttpClient class which should internally append token to requests if needed.

Can you give more details on why you need the token and what you are exactly trying to do?



0 Kudos
New Contributor II

Hi Tushar,

Thank you for your reply.

We have a cloud service that allows users to read/write non-spatial data from/to. We are looking to develop a Javascript widget (for use in the WebAppBuilder) as well as an ArcGIS Pro plugin which allows the user to use our service from within the ESRI software.

The reason we need access to the token is because we want to use the ArcGIS Online user authorization and management capabilities with our service, rather than developing our own. The user would log in once with their ArcGIS Online credentials (in the web app or ArcGIS Pro), and then they will have access to both their ArcGIS Online data, as well as their data on our service.

Hope that makes sense.



0 Kudos
New Contributor

Hello Tushar;

I also have a use case for which access to the ArcGIS Online (AGOL) token is required. Our team is prototyping a solution that we intend to deliver after ArcGIS Pro 1.3 is released. We are eagerly awaiting this release for the "solution Based Configuration" presented at Dev summit earlier this year (by Charlie Macleod and Steve van Esch)​ in order to migrate a .NET runtime application into an ArcGIS Pro solution. We currently have a security model that leverages AGOL authentication to additionally secure our ASP.NET standalone services which in turn access token-secured services from an on premises ArcGIS Server. It is somewhat complex, but necessarily-so for a variety of business reasons. The model works well, and requires only a single sign-on to AGOL in order to provide security to the entire spectrum of services accessed by the client application.

When we migrate to ArcGIS Pro we will require access to the AGOL token via the Pro API in order to pass it to our proprietary services to work with the existing security model. As you mentioned, the EsriHttpClient class internally appends tokens to requests when needed, but I am concerned about two things in that regard:

  1. That the system does not recognize the need to append the token when calling our internal (non-portal) service.
  2. That all HTTP requests in our solution will have to be modified to use the EsriHttpClient class exclusively for this purpose. This is a significant change across our solution, and it will impact our decision to proceed in this direction.

Given that it is technically possible to examine the HTTP requests post-modification we can envision a hack solution that will allow us to obtain the Token, but we would much prefer to access the token via a sanctioned API method. Please consider augmenting the API with support for this capability.



0 Kudos