ArcGIS REST JS
ArcGIS REST API JavaScript Client

exchangeToken

Function

Request app-specific token, passing in the token for the current app.

This call returns a token after performing the same checks made by validateAppAccess. It returns an app-specific token of the signed-in user only if the user has access to the app and the encrypted platform cookie is valid.

A scenario where an app would use this is if it is iframed into another platform app and receives credentials via postMessage. Those credentials contain a token that is specific to the host app, so the embedded app would use exchangeToken to get one that is specific to itself.

Note: This is only usable by Esri applications hosted on *arcgis.com, *esri.com or within an ArcGIS Enterprise installation. Custom applications can not use this.

  • exchangeToken(token: string, clientId: string, portal: string) : Promise<string>

Parameters

Parameter Type Default Notes
token Required string
clientId Required string

application
portal Optional string "https://www.arcgis.com/sharing/rest"

Returns

Promise<string>
Function defined in packages/arcgis-rest-auth/src/app-tokens.ts:25