I'm wondering what are the options when authenticating a user when showing a secured WebMap using JS API?
1. Use OAuth flow.
2. Ask the credentials on client side and use Identitymanager.generateToken.
What else? Can we just let the portal handle the authentication, i.e. when opening the map the portal would ask for credentials and user would have on-going session and API calls would just work? This way I can get the authen form visible but it ends up in " 'referer' must be specified. " error when pressong "Login".
The background for this question is that I'm working on a software where OAuth flow is not very trivial to accomplish and on the other hand I would not like to create my own form that collects user credentials on client side. I'd prefer ArcGIS to show the login form and handle the authentication.
Did you have a chance to review the authentication options we describe in our guide pages?
Working with the ArcGIS Platform
Access secure resources