I then flipped the esri secured service in the example to my secured service. My service is also secured with ArcGIS Security (User / Role).
I can hit my secure rest endpoint directly add my user name and pass and see my services but when I'm prompted the application I try to use the exact same user name and password (which works at the end point) and receive the following message (see attachment).
Now if I use my secure address https:// (my server / web portal and services are all using SSL certificate on the server) the dialog box doesn't read my services and server but it does when I use my internal address http:// Also when I use the https:// site address the OK and Cancel buttons are not available, they are there but I can't click them
See 2nd screen shot
I can hit my internal address and external address endpoints directly and my password and username work .
The first one with the Security error is where I'm trying to hit the address which is not HTTPS. It first send trys to tunnel to my server
[HTML]Encrypted HTTPS traffic flows through this CONNECT tunnel. HTTPS Decryption is enabled in Fiddler, so decrypted sessions running in this tunnel will be shown in the Web Sessions list.
In your second screenshot it seems the SignInDialog is called with an empty or null Url. Did your set the Url property correctly by code?
It is the right URL just using HTTPS which is what I want. I can copy the address and hit the end point log-in screen directly and get in. Fiddle does throw this error and it happens on startup before I try to login
At this point I've used all 3 SDK examples with the original code (they work) and then just swapped out my URLs and they don't work and I'm out of options. THink I might need to contact support...unless if you want to see my url and login I can send them your way.
I don't know how your server is configured, but I have a ArcGIS server configure with proxy server, https, the map services are securtied. I don't have any problem with signin dialog with SL API.
What I did, I used all services as https, like the following: