We have an application created in Web AppBuilder that uses a map with 2 layers.
1.A hosted service layer that our organization controls
2.Another hosted by a third party. (We have permission to use the layer in our application.)
We also have a custom widget, so we downloaded the application and are hosting it ourselves.
Using the proxy (https://github.com/Esri/resource-proxy), our application is able to display both layers without a problem. However, this also means that anyone who knows the application's URL can anonymously access our application, which we don't want.
Our user base has ArcGIS.com logins, which according to the page below, suggests using a named user login.
https://developers.arcgis.com/documentation/core-concepts/security-and-authentication/
However, since our user base does not have a login to the 3rd party layer, it seems like we would have to use an app login combined with our proxy.
I essentially would like to use a named user login to control the login to our application, but once the user has been authenticated, they access the map and data through the proxy.
I can provide more details, but I've yet to devise proxy rules or a Web AppBuilder configuration that allows for this.
