Hey all,
Hoping that someone can help me answer a question regarding REST APIs and third-party access.
Overview
Currently, my organization uses an MS Access Database as a datastore for client records. My predecessor setup a Python script that runs a comparison between the Access Database and the corresponding AGO hosted feature layer (HFL) and updates the HFL if any discrepancies arise by using the Access Database as the source of truth. It also updates any view layer queries and attributes in two separate HFLs if any companies change their names. This workflow was created as the client records are visualized spatially and on a dashboard in our AGO site.
Currently, my organization is moving the database away from MS Access onto a third party data management platform that is managed by the respective company, however the above workflow still needs to be recreated. The way forward that we figured would work best is by utilizing the REST API. The onus will be on the data management company to build out the process, but I'm not sure how to grant a third-party access to add, edit, and remove data, and alter settings of items (e.g., adjust view layer queries) via the REST API.
Question
How can I grant a third-party the ability to add, edit, and remove data in HFLs, update view layer queries, replace items in AGO (e.g., CSVs for choice lists in S123), etc. via the REST API? Is some/all of this possible?
My current train of thought is to create a data editor account for them in my organization that they could utilize, but is there a better way to achieve this without having to create an account for them?
I did a brief skim of the authentication documentation but admittedly, it's quite foreign to me at the time. I figure I'd ask here first before diving into documentation in case anyone is able to answer the question or point me in the right direction.
Thanks all!