I have a web map application that was written in HTML & JavaScript (using the ArcGIS JavaScript API). It desplays a few services that reside on an ArcGIS Server (10.2). It also has a custom legend that is created by requesting legend information directly from the ArcGIS REST Service using an ajax call.
It was recently decided that the application should be "locked down" and require a login in order to access it. We accomplished this by using the ArcGIS Server Manager to "lock" one of the services that the application consumes, and set a user/password to access it. The IdentityManager was also subsequently added to the application code. Now, when we navigate to the application, we are prompted for a username and password. After entering the correct credentials, access is provided and the "locked" layer successfully loads.
Unfortunately, the legend, which relies on an ajax call to the (now restricted) service endpoint, is not working. The ajax call returns error code 499 with the message "Token Required." I'm fairly new to ajax calls to begin with, and not at all familiar with service authentication and tokens. What is the correct way to pass the token with my ajax call in order to get the information I need to create my legend (and if I need to explicitely obtain the token, how do I do that?)
Best Answer
The state of the IdentityManager can be retrieved using the toJson() method. That should give you the token to use with the ajax calls.