No Security is used if your services do not have security.

1. To set No Security as the security type, select it from the Security Type drop-down list.

OAuth2 App is used if you use ArcGIS Online or Portal for ArcGIS and want application-based security. This option allows you to use an app ID instead of your ArcGIS Online login or password.

NOTE: If you want to access private content within an organization or content that has been shared with a user, you must use the named user login pattern for authentication unless using premium content or services hosted by Esri. See Esri's Limitations of App Login documentation for more information.

1. To set OAuth2 App as the security type, select it from the Security Type drop-down list.

2. Enter the Token URL from your ArcGIS Online account, or click Use AGO URLs to populate this field with the URL used by ArcGIS Online.
3. Enter the App Id from your ArcGIS Online account.
4. Click Set App Secret to set the app secret (password).
5. Click Test Security to ensure that there is a valid token for the service.

OAuth2 User is used if you use ArcGIS Online or Portal for ArcGIS and want user-based security.

1. To set OAuth2 User as the security type, select it from the Security Type drop-down list.

2. Enter the Token URL from your ArcGIS Online or Portal for ArcGIS account, or click Use AGO URLs to populate this field with the URL used by ArcGIS Online.
3. Enter the Authorization URL from your ArcGIS Online account, or click Use AGO URLs to populate this field with the URL used by ArcGIS Online. The Authorization URL is slightly different than the Token URL.
4. Enter the App Id from your ArcGIS Online or Portal for ArcGIS account.

IMPORTANT: Starting at 15.8.2, the Is Permanent check box was removed because Esri discontinued support for permanent tokens due to security concerns.

The Redirect URL is the URL that you need to configure in ArcGIS Online or Portal for ArcGIS. The URL ends with OAuthRedirect.aspx.

5. Click Set App Secret to set the app secret (password).
6. Click Authorize to authorize the security information that you have entered.

NOTE: To register an app in ArcGIS Online or Portal for ArcGIS so Cityworks can authorize against it, see the related Esri documentation here.

7. Click Test Security to ensure that there is a valid token for the service.

Token is used if you use token-based security. This is useful if you are externalizing and want your services accessible from anywhere, but still secured.

1. To set Token as the security type, select it from the Security Type drop-down list.

2. Enter the Token URL that Cityworks uses to get the token. This URL is based on the name of your Esri server.
3. Enter the number of minutes that the token lasts in the Timeout field. The default is 60. Make sure that this value does not exceed what has already been configured in ArcGIS Enterprise.
4. Enter the User Id of the user you use with your Esri server. For security reasons, the password is not displayed on this page.
5. To set the password for the first time, click Set Password. To change the existing password, click Change Password.
6. Click Test Security to ensure
7. that there is a valid token for the service.

After Token is set as the security for the service resource, it appears highlighted in the Service Resources panel.

For more information on security types, see Service Resources Fields.