I am trying to set up authentication for an app but I am not sure what I am trying to do is possible. The app will be used by users "who are unknown to the ArcGIS platform" so I need to implement an "app login". However, the service to be accessed will need to be private because of confidentiality concerns. From what I have read in the developer docs it sounds like this combination is not possible. I tried to put together some code to try anyhow. If what I am trying is not possible, some alternate ideas would be greatly appreciated. I assume the "easiest" route would be, since I need to keep the service private, to make the individuals using the app ArcGIS Online users. The issue is I do not know who these individuals will be and they will likely change. The "users" will be truck drivers that will carrying the devices in their trucks to record when they enter certain locations.
What I have done so far:
1. Published a server with two layers (0: points, 1: polygons) which functions as expected.
2. Registered an app on developers.arcgis.com and acquired the Client ID and Client Secret.
3. Created a new role ("ThisRole") on ArcGIS Server Manager and added my username as a member (will have to change that at some point).
4. Made the service private and added "ThisRole" as the allowed role.
5. Added the code below to implement "app login".
6. Created a simple app to perform a QueryTask on a layer in the service to see if the app could acquire access.
7. Ran the app with the service public. QueryTask returned with correct query result.
8. Ran the app, multiple times, with the service private. QueryTask result was null.
I have tried several variations of the code below. I am not completely sure which parameters are required and, for some, what the parameter value actually needs to be or where the value comes from. For example, I may be mixing user and app login parameters. I have been using the following resources:
https://developers.arcgis.com/qt/qml/guide/use-oauth-2-0-authentication.htm
https://developers.arcgis.com/authentication/accessing-arcgis-online-services/
App Code:
import QtQuick 2.3
import QtQuick.Controls 1.2
import ArcGIS.Runtime 10.26
ApplicationWindow {
id: appWindow
width: 800
height: 600
title: "authentication"
property string urlPolygonLayer: "url/to/feature/service/layer"
UserCredentials {
id: credentials
oAuthClientInfo: OAuthClientInfo {
clientId: "client_id_from_registered_app"
clientSecret: "client_secret_from_registered_app"
oAuthMode: Enums.OAuthModeApp
}
}
Connections {
target: ArcGISRuntime.identityManager
onOAuthCodeRequired: {
console.log("onOAuthCodeRequired signal")
// ????? Not sure what authCode and authorizationUrl need to be. Tried a few times but no luck.
// Access URL in the authorizationUrl property to obtain auth code
var authCode = …
// apply the auth code to the identity manager
ArcGISRuntime.identityManager.setOAuthCodeForUrl(authorizationUrl, authCode)
}
}
QueryTask {
id: queryTask
url: urlPolygonLayer
onQueryTaskStatusChanged: {
console.log("onQueryTaskStatusChanged signal")
if (queryResult === null) {
console.log("Query result is null.")
} else {
console.log("Query result length: " + queryResult.graphics.length)
}
}
}
Query {
id: query
where: "1=1"
}
Component.onCompleted: {
// Add the credentials to the identity manager
// ????? Not sure what "some_url" is supposed to be here. I have used "https://domain.com/arcgis/rest"
ArcGISRuntime.identityManager.setCredential(
credentials, some_url)
queryTask.execute(query)
}
}