I have read the documentation and there is something I don’t fully understand, what is the difference between OAuth 2.0 and user login and Token-based login?
My scenario is that I want to use the OAuth 2.0 way with user login and proxy (the esri proxy on github).
Do I have to use also the client and app secrets?
What is the difference between Token-based in this case?
Bonus question: I know I have to protect also the app and the proxy itself (referrer is to week), is there out of the box solution for that?