I am in the process of building a website that displays items on the map, part of the work I'm doing is drawing my own polygons using http://geojson.io and then I load them into my Postgresql spatial database. The polygons are being served over HTTP using my REST API in geojson format which is completely separate from my client.
I am building the client using ReactJS and I'm using the ArcGIS API. I am able to load the polygons over http and add them as a layer however, I am trying to encrypt that data in a way that only my application will be able to render them on the map since I'm spending a lot of time drawing these polygons and I would like to protect that work.
I have been looking around for solutions but I am not able to find something that looks like it would work well, my best solution so far is to somehow create a custom encryption and decrypt the data once it's loaded in the client and before creating my ArcGIS polygon.
Is there something built into the API that would help in some thing like this ? are there any better ideas to do this
I appreciate your help,
There's nothing in the JSAPI to help with this. There's identity tools for ArcGIS services, hosted and enterprise, but not client encryption.
This use case is a little unusual. A case like this is usually handled by proving an API between your postgres and clients. The API can have it's own authentication or a referrer whitelist. But you'd need to manage this yourself in the client side app with JWT or other authentication scheme.
Alternatively, you could have a periodic script export from your db to ArcGIS online, publish or update geojson to a featureservice and use ArcGIS auth in your app.
Lots of fun options.
Thank you for those ideas, maybe using a featureservice would work. Those polygons are local administrative areas and they wouldn't change but I have to load them on demand as soon as the user changes the area.
I will experiment more with that