Hello,
I have been developing a mobile application that is utilizing some secured services from ArcGIS.com. I have been able to access them pretty easily using app login described in this link.
https://developers.arcgis.com/javascript/jshelp/tutorial_sharing_maps_secure_layers.html
However I noticed that although the layers authenticate and display on the map properly the attachment links within the standard popup window open another tab and then display a token required page rather than the image or attachment. At this point I am unsure exactly how to proceed. I imagine I would need to somehow append a token to the attachment url which is easy enough however I am unsure of how to properly obtain the token or if that is even how to do it the right way. Any help would be appreciated.
Thanks,
Isaiah Aguilera
As long as both pages are on the same domain and you can modify the JavaScript code of the second page, you can pass the credential information via a cookie or the browsers local storage.
You can extract the data from IdentityManager.toJson(), and then pass it back in with IdentityManager.initialize().
If these are on different domains but you are able to modify the code, you could always pass the token and the rest of the required data through the URL as GET parameters, but you will be exposing this information to the end-user which may lead to security issues. This method also means that you have to deconstruct and re-build the Identity Manager state objects yourself.
Lastly, if you have no control over the second (e.g. an ArcGIS Online page), you are out of luck.
Unfortunately I think I am in the out of luck section. The "second page" as you put it is just a new browser tab that displays the attachment image from ArcGIS Online. I am not sure how to go about modifying this in any way besides modifying the attachment URL that is loaded, I am going to have to try and investigate this further.
Thanks,
Isaiah Aguilera