upgraders

Token Authentication Help

Discussion created by upgraders on Mar 1, 2013
Latest reply on Mar 8, 2013 by coldfusionPaul
I am trying to secure a feature service by using Tokens with my Javascript API application. The documentation seems a little lax with the new token setup for 10.1 and I am having problems with connecting to my REST services.

For example in admin to generate the token, it asks for the HTTP referer:..  does it have to be the exact page, the Domain, can it be just the domain or Domain and folder, hoes it HAVE to be HTTPS or can HTTP work?  In teh admin you can enter any # of Days but the drop down to create the token only has 1 year max.

Access to test the token without pulling my hair trying to figure it out. You use to be able to include the token in the URL

http://resources.esri.com/help/9.3/arcgisserver/apis/javascript/arcgis/help/jshelp_start.htm#jshelp/ags_security.htm

for (non working example from the help) :  http://premium.arcgisonline.com/Server/rest/services/ESRI_StreetMap_World_2D/MapServer?token=5fFo4%2fI4Tv8IGSqSYbpUNORRD%2fYxXMSPopt9CMknpXIjEVqYGm3uuQnU

However I can't get this to access using my REST URL and the Token. To test,  when I generate the Token,  In the HTTP referer: I am using the URL of my ArcGIS server, 1 year and HTML format. but I try going to the URL in a browser.  IT automatically redirects to the REST login page.

Can anyone shed some light? 

Thanks
Jason

Outcomes