Hello,
I'm working with a suite of .NET Framework 4.8 programs written against ArcGIS Runtime 100.x. I am attempting to migrate to 200.x and am having difficulties with authorization.
Many of the programs are headless and share login credentials via a PostgreSQL database.
They already have their own installers; MSIX is not an option.
They require the ability to enumerate and push/pull data from ArcGIS Online items belonging to an organization without given explicit privileges to do so. For this reason, an API key solution has been disregarded.
The way forward seems to be user authorization, but since the programs are headless and may be distributed across a number of machines in an organization, I was aiming to have users interactively authorize the app one time (via the one program that has a GUI), then store an encrypted refresh token in the database that the headless programs could retrieve and use to get access tokens.
This is where I'm hitting a roadblock. I have code in place to retrieve the refresh and access tokens, but I can't see a way to plug them in to the OAuth architecture of 200.x.
Given the above constraints, what is the way forward?
