HOW TO

Generate and use an ArcGIS Server token using Postman

Last Published: July 28, 2021

Summary

The following workflow discusses how to generate and use a token in a standalone ArcGIS Server site. This method works for GIS Server-tier authentication using both Windows and built-in user stores. For federated ArcGIS Server sites, tokens must be created through Portal for ArcGIS instead.

Procedure

  1. Launch Postman, and specify either the base generateToken URL for accessing services (https://gisserver.domain.com:6443/arcgis/tokens/generateToken), or the admin generateToken URL for administrative workflows (https://gisserver.domain.com:6443/arcgis/admin/generateToken).
Note 
The Web Adaptor URL can also be used here. Leave the Params, Authorization, and Headers sections as default. In the Body section, select the x-www-form-urlencoded radio button, to encode the username and password used to access ArcGIS Server.
  1. Add the following key:value pairs in the Body section:
    • Username - The username for the ArcGIS Server account
    • Password - The password for the ArcGIS Server account
    • Client - There are three options for this: ip, referer, and requestip. In this example, we will use the referer value to specify a base URL for everywhere we want to use the token. See the below documentation for scenarios where using ip or requestip would be useful.
    • Referer - The base URL of the ArcGIS Server resource to access, such as :6443/arcgis or :6443/arcgis/admin.
    • Expiration - The length of time the token is active. This has a maximum value controlled by the lifespan settings found in Server Manager > Security.
The added key:value pairs in the Body section
  1. Click POST, and copy the resulting token.
  2. Compose a new request to the ArcGIS Server resource to access. For example:
:6443/arcgis/services/SampleWorldCities/MapServer
  1. In the Params tab, add the token and paste the actual token in the key:value pair.
The actual token pasted in the key:value pair in the Params tab.
  1. Leave the Authorization and Body tabs as default, and in the Headers tab, add a new key:value pair of referer, and the referer URL specified in the previous request. For all subsequent requests using the previously generated token, add this referer key:value pair as a Header in order for the token to be accepted. Send the POST request, and note that the token is honored.
The POST request uses the token with the set parameters and is accepted by ArcGIS Server, allowing access to the desired service.

Article ID: 000025198

Software:
  • ArcGIS Server

Receive notifications and find solutions for new or common issues

Get summarized answers and video solutions from our new AI chatbot.

Download the Esri Support App

Related Information

Discover more on this topic

Esri Community

Search for related information

Training

Find training related to this topic

ArcGIS Ideas

Explore ideas and give feedback

Get help from ArcGIS experts

Contact technical support

Download the Esri Support App

Go to download options