OAuth 2.0 and Token-based differences

09-04-2019 02:57 AM
New Contributor III


 I have read the documentation and there is something I don’t fully understand, what is the difference between OAuth 2.0 and user login and Token-based login?

My scenario is that I want to use the OAuth 2.0 way with user login and proxy (the esri proxy on github).

Do I have to use also the client and app secrets?

What is the difference between Token-based in this case?

Bonus question: I know I have to protect also the app and the proxy itself (referrer is to week), is there out of the box solution for that?

Thank you.

0 Kudos
1 Reply
Esri Regular Contributor