This is a demo implementation of a Node.js server that acts as a proxy service for ArcGIS application credentials.
Learn more about ArcGIS application credentials.
If you use ArcGIS and need a more secure authentication method than API keys, application credentials are a possible choice. This uses the OAuth protocol client_credentials grant type with ArcGIS location services to request an authentication token and use it to authenticate services in your client app. However, you do not want to bake in your clientID and clientSecret in a client app as that could expose your credentials to hijacking. If a nefarious entity gets hold of your credentials they could create tokens on your behalf. To avoid that and keep your credentials secure, your client app requests authentication tokens from an app like this one. The token also expires, requiring frequent refreshing and updating the client app with valid tokens. It is also expected your server will run over HTTPS.
Make a copy of this folder.
-
Install the dependencies with
nm install. -
Log in with your ArcGIS Developer account at https://developers.arcgis.com. Create a new OAuth 2.0 application definition (you can use an existing app.) Copy the Client ID and Client Secret.
-
Rename
.env.sampleto.env. Note.envis not committed to version control via.gitignoreso your secrets are not shared. Edit this file to replaceYOUR_CLIENT_IDandYOUR_CLIENT_SECRETwith the values from your registered application. -
Run the app with
npm start. The app will listen on port 3080 at the/authendpoint where it expects authorized clients to request authentication tokens.
You can set the port by setting the environment variable
PORTin your.envfile, the command line environment, or by editing the code.
- Use a client app to request an application token that can then be used to authenticate with ArcGIS location services. An example client app implementation can be found in JavaScript demo using application token authentication.