arcgis-rest-js icon indicating copy to clipboard operation
arcgis-rest-js copied to clipboard

Published 20 hours ago verified publisher icon Esri

Add `platformSelf` function to -auth package

Open dbouwman opened this issue 5 years ago • 1 comments

from confluence...

/platformSelf Endpoint: /sharing/rest/oauth2/platformSelf (POST only)

This call returns token after performing checks made by /validateAppAccess call - i.e it returns app specific token of calling user only if user has access to the app and the encrypted cookie is valid.

Expiration of the token received matches the platform cookie's expiration.

Request Headers:

  • Origin - origin representing the origin of the app making this request
  • Referer – Referer of the request. Either origin or referer have to be provided and these have to be from the same domain as that of arcgis.com, esri.com for AGOL and the Enterprise Portal domain for on-prem.
  • X-Esri-Auth-Client-Id – ClientID of the app that is making this self request to fetch the user information from the platform cookie if exists. This is only allowed for some of the Esri apps.
  • X-Esri-Auth-Redirect-Uri – Redirect Uri of the app that is making this self request to fetch the user information from the platform cookie if exists.

Response Type: json

Response: { “username“: “<username>”, token”: “asdasdfasdf” }

If the cookie does not exist, following error is returned.

{ code: 400, messageCode: "OAUTH_0066", message: "No signed in user found.", “details”:[]}

dbouwman avatar Oct 19 '20 14:10 dbouwman

added... but there is an issue w/ the credential fetch param we are still addressing

dbouwman avatar Nov 18 '20 21:11 dbouwman

@dbouwman can this one be closed?

gavinr avatar Mar 24 '23 15:03 gavinr