Hello,
Just wondering is there is any plan to extend a bit the scope of OAuth to support non interactive login and ease integration of a small map components into more complex web application or micro services architecture ?
I found a couple of threads asking for that but it seems to me they did not catch the deserved attention as they did not get any reply which is generally not a good sign...
https://community.esri.com/t5/arcgis-online-questions/access-organization-resource-programmatically/...
https://community.esri.com/t5/arcgis-enterprise-ideas/support-the-oauth2-0-token-exchange-grant-type...
What is ESRI's point of view on this request ? Is there anything wrong with this method and your authorization scheme ?
In your documentation, you are pushing for OAuth2.0 to be used:
https://developers.arcgis.com/documentation/security-and-authentication/user-authentication/flows/ge...
Allowing token_exchange would I think, prevent some complex architecture leveraging `generate-token-flow` to bypass this limitation.
Thanks for listening,
