Field Operations

Authentication with ArcGIS Android 100.0.0 Part 2

In part 1 of this post we discussed HTTP based authentication using he new DefaultAuthenticationChallengeHandler class against an ArcGIS Portal.  In this part we are going to focus on the basics of OAuth authentication.  Using OAuth 2.0 for ArcGIS Android apps opens the system browser OAuth login page supplied with a Redirect URI to receive the authorization code.  If  you are new to OAuth, we recommend you read through our ArcGIS Security and Authentication documentation.

Register your app

First, you’ll need to register you app. Registering an app generates a unique Client ID and Client Secret.  The Client ID is the public identifier for your app and used to build a login URL.

Redirect URI

In order to redirect the user back to your application after they authorize your application you need to setup a custom protocol handler. When the user authorizes your app the system browser will be redirected to this URI (my-arcgis-app://auth for example) with the authorization code. To authenticate named users your app must declare an Activity and intent filter the redirect URI which will parse the authorization code from the response URI and use it to fetch the OAuthTokenCredential. The general workflow is as follows:

The developer pattern is shown below:

[sourcecode language=”java”]
private void oAuthBrowser() {
try {
// create a OAuthLoginManager object with portalURL, clientID, redirectUri and expiration
String[] portalSettings = getResources().getStringArray(R.array.portal);
oauthLoginManager = new OAuthLoginManager(portalSettings[1], portalSettings[2], portalSettings[3], 0);
// launch the browser to get the credentials

} catch (Exception e) {
Log.e("error-", e.getMessage() + "");

The resulting Intent is handled in your applications AndroidManifest.xml file with the following:

[sourcecode language=”xml”]
<activity android_name="com.esri.arcgisruntime.sample.MainActivity">
<action android_name="android.intent.action.VIEW" />
<action android_name="android.intent.action.PICK" />

<category android_name="android.intent.category.DEFAULT" />
<category android_name="android.intent.category.BROWSABLE" />

android_scheme="my-ags-app" />

Note the value for android:scheme in the XML. This is the redirect URI that you configured when you registered your app. Finally, you fetch the credentials with the following pattern:

[sourcecode language=”java”]
// onCreate()

private void fetchCredentials(Intent intent) {
// Fetch oauth access token.
final ListenableFuture future = oauthLoginManager.fetchOAuthTokenCredentialAsync(intent);
future.addDoneListener(new Runnable() {
public void run() {
try {
oauthCred = future.get();
} catch (Exception e) {


You can see this developer pattern in our Maps App example app and in our Create and Save a Map developer sample.

Leave a Reply

Please Login to comment

Next Article

ArcGIS Enterprise on Kubernetes: Q&A from Dev Summit 2021

Read this article