We have a different department that has an application, they want to incorporate one of our layers into their application.
What is the best method to provide them access? API Key, Client ID/Secret?
Do we need to register their application to our portal?
You could secure the item and then create a built-in user to authenticate to this service.
The different department could then add the map service as an item, with storing credentials, to their ArcGIS Portal (https://enterprise.arcgis.com/en/portal/latest/use/connect-secured-services.htm#:~:text=store%20the%...).
If you want to be sure that the department won't share your data with other departments, you can specify the allowed origins on your ArcGIS Server by following this documentation:
"to their ArcGIS Portal"...they don't have a portal or anything at all.
It sounds like they just want to pull the table and don't care about the GIS side at all. That part is all on them.
But for example, if they wanted to bring it into mapbox or leaflet.
@CW-GIS Sorry for the delay I didn't see this notification.
Ah ok, so are they developers? If so, there are a number of ways they could access your secure services via the Esri Javascript API:
https://developers.arcgis.com/javascript/latest/secure-resources/
You will have to register their application with your Portal if using Oauth 2.0.
Apologies, I misunderstood the question and assumed everything was Esri 😎