OAuth 2.0 and Token-based differences

Discussion created by omerba on Sep 4, 2019
Latest reply on Sep 4, 2019 by PKlingman-esristaff


 I have read the documentation and there is something I don’t fully understand, what is the difference between OAuth 2.0 and user login and Token-based login?


My scenario is that I want to use the OAuth 2.0 way with user login and proxy (the esri proxy on github).

Do I have to use also the client and app secrets?

What is the difference between Token-based in this case?


Bonus question: I know I have to protect also the app and the proxy itself (referrer is to week), is there out of the box solution for that?


Thank you.