Hey all, hope things are well. I'm finding some interesting differences between the capabilities of tokens returned from ArcGIS Online via App Login and User Login, and I'd like to get some feedback on potential alternate ways of doing things.
My understanding is that an App Login is essentially an anonymous login to whatever user the App has been registered with. As a result, when your app's identityManager has been fed a credential generated via App Login, your app should be able to 'see' whatever ArcGIS Online items that the user who registered the app is able to see, even if not publically shared.
I am finding that this seems to work when using the arcgisUtils.getItem() method on an ArcGIS Online item which has been shared to the registering user, albeit not to "Everyone", but I am unable to query Group Items using this token via the http://www.arcgis.com/sharing/rest/search? endpoint, or list the contents of a folder via http://www.arcgis.com/sharing/rest/content/users/<registeringUserName>/, unless the contents of that folder or group have been shared to Everyone.
Tokens generated via User Login can query Folder Contents and Group Contents regardless of whather or not the contents have been shared to Everyone.
This does make sense considering the Limitations described in the documentation (Limitations of App Login | ArcGIS for Developers ):
Tokens obtained by applications can only read public content and services.
Although this does seem odd because the getItem method appears to work on individual items.
Any thoughts on a potential way to use an App Login and have the ability to list/query non-public Folder and Group contents? Any thoughts on issues/limitations with dedicating a Named User specifically to a single app, and simply using it as a quazi-App-Login through a proxy? Just tossing it out there.