I have a public geoform which feeds into a public feature service via a public webmap.
The public fill in sensitive details such as contact details.
This service is public and can therefore be opened up by anyone.
I want to make use of application authentication to keep the geoform shared to public, but access a secure service.
I downloaded geoform, deployed to S3.
I registered this app with ArcGIS Online to get a key/secret.
I added this appid to the default.js in geoform:
"oauthappid": "11111111111111",
I don't have a public facing webserver so cannot host my own proxy.
Have added my app as an Allowed Domain and also as the redirect-uri.
When hitting the app I get a 'Token Required' error.
If I share the feature service to public, I can hit the app fine.
Is there anyway around this without using my own proxy?
I was hoping I could use the ArcGIS Online hosted proxy, but this appears to only allow you to configure proxies for the esri credit consuming services. Was hoping their would be a proxy to allow just access to the content that is also owned by the same user that registered the app.
Any guidance would be great.
If a proxy is required, other than spinning up an EC2 instance, what is a cheaper option?