Hello,
We are trying to implement popup-less authentication, which could be used with ArcGIS Enterprise and ArcGIS Online. Customers require from us some sort of "do it once and do not worry about it later" approach, where their admin user of our app configures ArcGIS authentication once, and then each user that logs into our app does not bother about doing anything that is connected with authentication to their ArcGIS portals - it happens automatically under the hood. We tried a bunch of solutions, but none of them were perfect for customers. So, we thought about mixing .Net and JS SDK to do the authentication. Our idea is to generate a token on the backend side using App Id and App secret from customer's portals provided by them during the authentication configuration process. Then send this token to the frontend side and register it in SDK for JavaScript. I'm uncertain if it is even possible, but we tried to do a small POC for testing. On the backend, we are creating ServerInfo object that contains App Id and App secret, and then generate token using AuthenticationManager.GenerateTokenAsync(<uri to arcgis portal>, <token options>) with TokenAuthenticationType set to OAuthClientCredentials. As a result, we get a Credential object with some token and stuff inside, but without userId. Then we send that to the frontend and to use it in esriId.registerToken method. No exceptions are thrown, some requests also look to pass, but when we try to fetch basemaps for example, nothing is returned (empty array, but there are actual basemaps in the portal). We also noticed that the received token is slightly different from token received using only JS SDK (esriId.getCredential method) - it is shorter. Is it even possible to make this approach work and if yes, do you have any ideas what we are doing wrong?
