esriRequest on AGS site token service

JamesCrandall · ‎06-06-2019

I'm attempting to better understand the AGS token service and cannot seem to get thru some errors (probably something simple I'm missing). For starters, I simply just want to generate a token for a secured feature service and see it as a string/console. That's it.

Here's my sample that is hitting the error "Method not supported" in the console.log(error.message)….

var tokRequest = esriRequest({
    url: "https://myAGS/tokens/generateToken",
    method: "post",
    content: {
  	f: "json",
  	username: "myUsername",
  	password: "myPassword",  			           
  	referer: "<https://myAppPageURL>"
    }
   }).then(
     function (response) {
         console.log("Success: ", response.toJson);
     }, function (error) {
          console.log("Error: ", error.message); //<--error hits here
     }); ‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

Any help is appreciated.

RobertScheitlin__GISP · ‎06-06-2019

James,

you do not have < or > in your referer string do you?

referer: "<https://myAppPageURL>"

JamesCrandall · ‎06-06-2019

No, I don't have those "<" ">" in the url.

JamesCrandall · ‎06-06-2019

Is this correct:

url: "https://myAGS/tokens/generateToken"

or this:

url: "https://myAGS/tokens"

If I use the later I get a different error related to CORS.

RobertScheitlin__GISP · ‎06-06-2019

James,

No the referer need to be the url of the app that your code is running in (i.e. https://localhost/myapp).

JamesCrandall · ‎06-06-2019

Even sending request via POSTMAN I get error:

{"error":{"code":405,"message":"Method not supported","details":"HTTP GET is disabled

RobertScheitlin__GISP · ‎06-06-2019

Using Postman you have to use POST and not GET.

JamesCrandall · ‎06-06-2019

I think it's just user error. I had the set to POST but it keeps sending GET requests for some reason.

JamesCrandall · ‎06-07-2019

I was able to successfully request a token in POSTMAN but still unable to programmatically get it done with the same parameters specified.

JamesCrandall · ‎06-11-2019

Is there any setting applied to the security of two different secured feature services, each with their own role/credential applied, that would require a different method to request a valid token from the AGS token service?

Strange, I know. As far as I can tell the security properties, roles, credentials on these two feature services in question are setup exactly the same way and on the same ArcGIS server site (the same token service!). We have developer with an existing app that works to generate the token with credential #1. However, that same exact code executed using credential #2 and it fails.

I am able to get a token via both Postman and Advanced Rest Client. The only difference I can see is that one of the requests requires the payload to be encoded while the other it doesn't matter.