AnsweredAssumed Answered

Application Authentication

Question asked by sjacksonesriaustralia-com-au-esridist Employee on Nov 26, 2015

I have a public geoform which feeds into a public feature service via a public webmap.

The public fill in sensitive details such as contact details. 

This service is public and can therefore be opened up by anyone.

I want to make use of application authentication to keep the geoform shared to public, but access a secure service.


I downloaded geoform, deployed to S3.

I registered this app with ArcGIS Online to get a key/secret.

I added this appid to the default.js in geoform:

"oauthappid": "11111111111111",

I don't have a public facing webserver so cannot host my own proxy.

Have added my app as an Allowed Domain and also as the redirect-uri.


When hitting the app I get a 'Token Required' error.

If I share the feature service to public, I can hit the app fine.


Is there anyway around this without using my own proxy?

I was hoping I could use the ArcGIS Online hosted proxy, but this appears to only allow you to configure proxies for the esri credit consuming services.  Was hoping their would be a proxy to allow just access to the content that is also owned by the same user that registered the app.


Any guidance would be great. 

If a proxy is required, other than spinning up an EC2 instance, what is a cheaper option?