GeoPlatform now fully supports OAuth2.0. In order to modify resources via the API (using HTTP POST, PATCH, PUT, and DELETE) your application will need to pass a valid Access Token (JWT) via the Authorization Bearer token.

In order to obtain Access Tokens you will first need to obtain a client_id and client_secret. You can obtain these by emailing the GeoPlatform service desk servicedesk@geoplatform.gov to register your application. Please include the fully qualified domain name for your application when submitting your request.

You can register users at the endpoints:

GUI: https://accounts.geoplatform.gov
Token: https://accounts.geoplatform.gov/auth/token
Authorization: https://accounts.geoplatform.gov/auth/authorize
Obtaining Access Tokens

There are three main types of Access Tokens.


Grant type requests are brokered by a back end service that stores refresh tokens. We provide a full Auth solution for NodeJS applications upon request. Beside this there are many other OAuth2 integration solutions that will allow you to authenticate against GeoPlatform. There are many tutorials published on the web detailing how to integrate OAuth2 into your backend service/application.


Implicit grants are used to redirect users to the OAuth2 server without the need for a backend service to broker the transaction. The redirect_uri allows you to bring your users back to your application once they are successfully authenticated.

Required Query String fields:

Field Example
response_type token
client_id 5a56aaeca9e0221520f413a9
redirect_uri http://myApp.com/auth


    https://accounts.geoplatform.gov/auth/authorize? client_id=5a56aaeca9e0221520f413a9

Client Credential Grant

Using a Client Credential Grant is a simple way to obtain Access Tokens without the need for a server. Obtaining an Access Token via a Client Credential Grant requires only making a single request to obtain the token.

Simply make a http POST request with Content type x-www-form-urlencoded to the Token endpoint with the following fields:

Field Example
client_id 5a56aaeca9e0221520f413a9
client_secret rbh7EU5ewLDCW7HeKzsDA2PwHBSjcfLB4LcTSPM7gK
scope read
username AlfredBenz
password kka&Laf7w2)E8f202!

A successful result will return an implicit Access Token in the following format:

Using the Access Token on API endpoints:

Once you have obtained an Access Token you will need to send it along on all requests to restricted endpoints. Send the token using the standard Bearer token protocol https://tools.ietf.org/html/rfc6750. The token needs to be set in the Authorization header of the request as follows:

    Authorization: ‘Bearer eyJhb…v5ML4’

A curl request would look like:

    curl -d ‘{“key1″:”value1”, “key2″:”value2”}’ -H “Authorization: Bearer eyJhb…v5ML4” -X POST http://ual.geoplatform.gov/myResource
Updated on December 12, 2019
Have Other Questions?
Please check out our FAQ page in case your question has already been addressed. If you still need help or want to report an issue, please send us an email at servicedesk@geoplatform.gov.
For questions about the federal government not related to GeoPlatform, visit USA.gov or call 1-800-FED-INFO (1-800-333-4636), 8am - 8pm ET Monday through Friday.