I want to be able to bypass the login screen that is shown when trying to view private layers on a map using the JS API. I've found this solution using application credentials that works using client_id and client_secret after registering an application:
var url = "https://www.arcgis.com/sharing/rest/oauth2/token";
var token = "";
esriRequest(url, {
query: {
client_id: "CLIENT_ID",
client_secret: "CLIENT_SECRET",
grant_type: "client_credentials"
},
method: "post"
})
.then((response) => {
token = response.data.access_token;
esriId.registerToken({
server: "https://www.arcgis.com/sharing/rest",
token: token
})
})
.catch((err) => {
if (err.name === 'AbortError') {
console.log('Request aborted');
} else {
console.error('Error encountered', err);
}
});
...but after checking here (https://developers.arcgis.com/documentation/security-and-authentication/other-authentication-methods... I'm unclear whether I'd be within the terms of use using this method. I see that under limitations I'm directed to use ArcGIS Identity to access private content, but that link details a method that requires login, which is what I'm trying to avoid (though I haven't tested the workflow that is described there). Can anyone verify whether the method above is within terms of use for the JS API? Thanks so much in advance.
