Esri Leaflet

ArcGIS Server username/password

Example showing authentication with ArcGIS Server via a username and password. In this example a username and password are hardcoded in.

<html>
<head>
  <meta charset=utf-8 />
  <title>ArcGIS Server username/password</title>
  <meta name='viewport' content='initial-scale=1,maximum-scale=1,user-scalable=no' />


  <!-- Load Leaflet from CDN-->
  <link rel="stylesheet" href="https://unpkg.com/leaflet@1.1.0/dist/leaflet.css"
    integrity="sha512-wcw6ts8Anuw10Mzh9Ytw4pylW8+NAD4ch3lqm9lzAsTxg0GFeJgoAtxuCLREZSC5lUXdVyo/7yfsqFjQ4S+aKw=="
    crossorigin=""/>
  <script src="https://unpkg.com/leaflet@1.1.0/dist/leaflet-src.js"
    integrity="sha384-TWB9xRHTlLQmqAngHwD7usGcf4akGf0JP6aHwlgilpmOu2UuBq5aWLsDAh39iSn1"
    crossorigin=""></script>


  <!-- Load Esri Leaflet from CDN -->
  <script src="https://unpkg.com/esri-leaflet@2.0.8"
    integrity="sha384-ze7rgny7/YGFxBlVgTBdOABNWe5V9BYjju/qwqJhCU8XJHtuEnRlbUpN5lXyY706"
    crossorigin=""></script>


  <style>
    body { margin:0; padding:0; }
    #map { position: absolute; top:0; bottom:0; right:0; left:0; }
  </style>
</head>
<body>

<div id="map"></div>

<script>
  // workaround for old ie
  if (!window.location.origin) {
    window.location.origin = window.location.protocol + "//" + window.location.hostname + (window.location.port ? ':' + window.location.port: '');
  }

  var map = L.map('map').setView([34.089, -116.865], 9);
  L.esri.basemapLayer('Topographic').addTo(map);

  function serverAuth(callback){
    L.esri.post('https://sampleserver6.arcgisonline.com/arcgis/tokens/generateToken', {
      username: 'user1',
      password: 'user1',
      f: 'json',
      expiration: 86400,
      client: 'referer',
      referer: window.location.origin
    }, callback);
  }

  serverAuth(function(error, response){
    var dl = L.esri.dynamicMapLayer({
      url: 'https://sampleserver6.arcgisonline.com/arcgis/rest/services/Wildfire_secure_ac/MapServer',
      opacity: 1,
      token:  response.token
    }).addTo(map);

    dl.on('authenticationrequired', function (e) {
      serverAuth(function(error, response){
        e.authenticate(response.token);
      });
    });
  });
</script>

</body>
</html>