why does generatetoken request only support referer type?

168
1
03-20-2019 10:22 AM
聖智王
New Contributor II

hello everyone!

 the generatetoken API reference shows that only the referer value is supported even if there are other values(ip address and requestip) can be choose. If the ip address and requestip are supported, it should be useful. And according my understanding, the referer value is not really used to verify website's referer. Is there any reason?

0 Kudos
1 Reply
BirajaNayak
Occasional Contributor III

"The referer value only supported for generating token" looks like by design. Here is the web help from Rest API:

https://developers.arcgis.com/rest/users-groups-and-items/generate-token.htm

It also states the same:

The client type that will be granted access to the token. Only the referer value is supported. In the Generate Token page, select the Webapp URL option to specify the referer.

You can log this idea of "including IP address or request IP  for generating token " to Esri Idea site as per below and also log an enhancement request by logging a case with Esri Support Service. Esri developers are very active on ideas site.

https://community.esri.com/community/arcgis-ideas/

Thanks,

Biraja