The first part of the help document sounds like what I'm looking for:
The application login approach is used when the application authenticates with the platform on behalf of itself. In this scenario an application that is registered with the platform can log in without requiring application end users to log in using platform credentials. This means you can build applications that provide anonymous access to the resources. Be aware that applications using the application login approach are susceptible to misuse. Developers can build logic into the application to try and limit misuse using techniques like IP address checking and rate limiting.
I don't care to know who is viewing it exactly, they can view it "anonymously" because I know the only users who can get access are the ones who can log in to the overall application anyway.
I will not be registering my application with ArcGIS Online or Portal, so anything with OAuth 2.0 is out. I also do not wish to pursue HTTP/Windows authentication as that seems more complicated than necessary (someone correct me if I'm wrong).
Thus, I am left with tokens. The problem is that I have no idea how to get started with creating a proxy server-side component and I can't seem to find any tutorials on it. Can anybody point me in the right direction or have anything to add?
Using JS API 3.x, AGS 10.6