Esri · OAuth Scopes

Esri OAuth Scopes

OAuth 2.0 derived

Esri uses OAuth 2.0 but publishes no discrete scopes — access is governed by the grant itself (e.g. client-credentials or role-based authorization) rather than per-scope consent.

Tokens are issued from https://www.arcgis.com/sharing/rest/oauth2/token.

This index is generated from the provider’s OpenAPI security definitions (and, where available, its documented scope reference) and refreshes on every APIs.io network build. Browse every provider’s scopes at scopes.apis.io.

GeographicGeospatialGISLocationMappingMapsSpatial Analysis
Scopes: 0 Flows: clientCredentials, authorizationCode Method: derived

OAuth endpoints

Authorization URL
https://www.arcgis.com/sharing/rest/oauth2/authorize
Token URL
https://www.arcgis.com/sharing/rest/oauth2/token
Flows
clientCredentialsauthorizationCode

Scopes (0)

Esri implements OAuth 2.0 but publishes no discrete scopes — access is governed by the grant itself (client-credentials or role-based authorization) rather than per-scope consent.

Esri ArcGIS OAuth 2.0 does not use OAuth scopes — the /oauth2/authorize endpoint has no scope parameter, and access is instead governed by privileges assigned to ArcGIS accounts and developer credentials (https://developers.arcgis.com/documentation/security-and-authentication/reference/privileges/).

Source

OAuth Scopes

esri-scopes.yml Raw ↑
generated: '2026-07-11'
method: derived
source: openapi/esri-openapi.yml
docs: https://developers.arcgis.com/documentation/security-and-authentication/reference/privileges/
note: >-
  Esri ArcGIS OAuth 2.0 does not use OAuth scopes — the /oauth2/authorize
  endpoint has no scope parameter, and access is instead governed by
  privileges assigned to ArcGIS accounts and developer credentials
  (https://developers.arcgis.com/documentation/security-and-authentication/reference/privileges/).
schemes:
- name: oauth2
  source: openapi/esri-openapi.yml
  flows:
  - flow: clientCredentials
    tokenUrl: https://www.arcgis.com/sharing/rest/oauth2/token
  - flow: authorizationCode
    authorizationUrl: https://www.arcgis.com/sharing/rest/oauth2/authorize
    tokenUrl: https://www.arcgis.com/sharing/rest/oauth2/token
scopes: []