Community
Select to view content in your preferred language

Implementing app authentication with client secret in Runtime SDK 200.7

261
6
Jump to solution
09-22-2025 06:03 PM
azlotin
by
Emerging Contributor
‎09-22-2025 06:03 PM

I have the following working Runtime SDK 100.x code implements application authentication:

ServerInfo serverInfo = new ServerInfo
{
ServerUri = new Uri(SERVER_URL),
TokenAuthenticationType = TokenAuthenticationType.OAuthClientCredentials,
OAuthClientInfo = new OAuthClientInfo { ClientId = CLIENT_ID, ClientSecret = CLIENT_SECRET, RedirectUri = new Uri(REDIRECT_URL) }
};

AuthenticationManager.Current.RegisterServer(serverInfo);
AuthenticationManager.Current.OAuthAuthorizeHandler = new OAuthAuthorize();
AuthenticationManager.Current.ChallengeHandler = new ChallengeHandler(CreateCredentialAsync);

As OAuthClientInfo is obsolete at 200.7, I have rewritten this as:

ServerInfo serverInfo = new ServerInfo(new Uri(SERVER_URL))
{
TokenAuthenticationType = TokenAuthenticationType.OAuthClientCredentials,
};

AuthenticationManager.Current.RegisterServer(serverInfo);
var userConfig = new OAuthUserConfiguration(new Uri(SERVER_URL), CLIENT_ID, new Uri(REDIRECT_URL));
AuthenticationManager.Current.OAuthUserConfigurations.Add(userConfig);
AuthenticationManager.Current.OAuthAuthorizeHandler = new OAuthAuthorize();
AuthenticationManager.Current.ChallengeHandler = new ChallengeHandler(CreateCredentialAsync);

How do I include Client Secret here so the users are not getting the authentication prompt? I understand I should be using OAuthApplicationCredential, but I cannot figure out how.

Thanks!

0 Kudos
1 Solution

Accepted Solutions
dotMorten_esri
by Esri Notable Contributor
Esri Notable Contributor
‎09-23-2025 02:33 PM

To add to Preeti's answer, ALL of the above code can be replaced with 

AuthenticationManager.Current.AddCredential(await OAuthApplicationCredential.CreateAsync(SERVER_URL, CLIENT_ID, CLIENT_SECRET));

When using an app credential added up front, there's no need for messing with server infos, oauth configs, credential callbacks etc. Just the above line before accessing your server.

View solution in original post

0 Kudos
6 Replies
PreetiMaske
by Esri Regular Contributor
Esri Regular Contributor
‎09-23-2025 09:51 AM

Here is the detailed blog post that explain usage of new auth APIs and how to best use them

https://www.esri.com/arcgis-blog/products/sdk-net/developers/new-auth-apis-for-dotnet-sdk

Please give this a read, especially `Configuring OAuth` section that particularly talks about OAuth. For OAuth app authentication, pass client ID and client secret directly to OAuthApplicationCredential.CreateAsync.

Hope this helps,

Thanks

0 Kudos
dotMorten_esri
by Esri Notable Contributor
Esri Notable Contributor
‎09-23-2025 02:33 PM

To add to Preeti's answer, ALL of the above code can be replaced with 

AuthenticationManager.Current.AddCredential(await OAuthApplicationCredential.CreateAsync(SERVER_URL, CLIENT_ID, CLIENT_SECRET));

When using an app credential added up front, there's no need for messing with server infos, oauth configs, credential callbacks etc. Just the above line before accessing your server.

0 Kudos
azlotin
by
Emerging Contributor
‎09-24-2025 05:59 AM

Thank you both for the prompt answers!

0 Kudos
azlotin
by
Emerging Contributor
Monday

Hi Morten,

I spoke too soon back in September. The single line of code you suggested does not appear to work. The line executes without any errors, but the map remains empty, with no layers loaded. This is the behavior when debugging in Visual Studio. If the application is deployed to another machine using an installer, the map is not loaded either and the application crashes a few seconds later.

The lengthy version of the code in my original post does not throw any errors but brings up the portal login prompt.

Any ideas? Thanks.

 

0 Kudos
dotMorten_esri
by Esri Notable Contributor
Esri Notable Contributor
Monday

When you say they don't load, what load errors do you see? (observe the errors coming from LoadAsync, or just look in the debug output window where load errors should also be written)

0 Kudos
azlotin
by
Emerging Contributor
Tuesday

Thanks Morten, there are indeed errors in the Output window (see below). Not sure what this means. Do Client Id and Client Secret need to be updated? They are the same as in the original 100.x application.

Accessing https://basemapstyles-api.arcgis.com requires authorization. Set a ChallengeHandler to provide credentials. For more information see https://developers.arcgis.com/net/security-and-authentication/
ArcGIS Maps SDK: Load Error: Basemap
Esri.ArcGISRuntime.Http.ArcGISWebException
Token Required.
The required authentication information is missing. Unable to authorize access without a valid token.
ArcGIS Maps SDK: Load Error: Map
Esri.ArcGISRuntime.Http.ArcGISWebException
Token Required.
The required authentication information is missing. Unable to authorize access without a valid token.
0 Kudos