To start using REST with ArcWeb Services, you need an active subscription to ArcWeb Services. Then, you need an authentication token or UserID to verify you are authorized to access ArcWeb Services.
Request ArcWeb Services authentication for REST maps using an HTTP GET or HTTP POST getToken or getUserID request. Use a renewToken request in a Rich Client Application (RCA) to renew an ArcWeb Services authentication token.
https://www.arcwebservices.com/services/v2006_1/restmap?actn=getToken&usr=<user name>&pswd=<password>
It is highly recommended that you use the getToken request since the returned token has an expiration (default 60 minutes) while a token from a getUserID request does not expire. An expiration helps minimize the negative impact of a malicious client stealing and trying to reuse the authentication token to access ArcWeb Services. Also note that a UserID changes when the password changes.
https://www.arcwebservices.com/services/v2006_1/restmap?actn=getUserID&usr=<user name>&pswd=<password>
UserIDs do not expire, and they are not bound to the IP address of a client machine. This allows a REST request containing a UserID to be shared among multiple users. Every request with a UserID is charged to the account that issued the UserID regardless of who sends the request. You can only have one UserID per account. ESRI recommends using UserIDs only during phases of development and testing, when they offer more flexibility and convenience. ESRI recommends that you change your account password, which invalidates any existing UserIDs, and switch to using tokens before making an application public.
WARNING: If a token from a getUserID request is hacked and hijacked, it can be used to consume your ArcWeb credits. This can be stopped by changing your ArcWeb Services password, which changes your UserID, invalidating the previous one, or you can disable the UserID feature on the ArcWeb UserID account page.
http://www.arcwebservices.com/services/v2006_1/restmap?actn=renewToken&tkn=<token generated by getToken request>
Most ArcWeb requests, regardless of authentication method, consume credits from a user account. See Understanding credits and costs for more information.
Authentication (getToken or getUserID) and map are the main parameters for REST mapping URLs and are required. Use renewToken parameters in an RCA to renew a token.
| Authentication (actn=getToken) Gets an ArcWeb Services authentication token with an expiration | ||
|---|---|---|
|
Parameter |
Description |
Valid Values |
|
usr |
ArcWeb Services account user name |
String containing valid user name. Case sensitive. |
| pswd (required) |
ArcWeb Services account password |
String containing valid password. Case sensitive. |
| tout (optional) |
Expiration time of token, in minutes |
Minutes to expiration. Default value is 60. Maximum value is 1440. |
|
ip |
IP address of client application viewing ArcWeb maps. Only use if the client machine getting the token is different from the machine requesting the maps. Use the IP utility to view the IP address seen by ArcWeb. |
IP address in format xxx.xxx.xx.xxx such as 198.102.62.126. |
| Authentication (actn=renewToken) Renews an ArcWeb services authentication token for 60 minutes | ||
|---|---|---|
|
Parameter |
Description |
Valid Values |
| tkn (required) |
Authentication token from a getToken request |
ArcWeb Services token from a valid getToken request. Average length of string is 72–80 characters. |
Visit the Feedback page to give comments or suggestions about the ArcWeb Developer's Guide.