Error
API key scoped to a hosted feature service with allowAnonymousToQuery set to false yields no results when queried, while short lived OAuth2 token does.
| Número de ID del error | BUG-000169836 |
|---|---|
| Enviado | August 8, 2024 |
| Última modificación | November 6, 2024 |
| Relacionado con | ArcGIS Online |
| Versión encontrada | June 2024 |
| Sistema operativo | Windows OS |
| Versión de sistema operativo | 11.0 64 bit |
| Estado | As Designed |
Información adicional
The current implementation of the API Authentication token is functioning as intended. This design choice has important implications for user privacy and system security. Token Content: The API Authentication token is designed to contain only the information necessary for accessing specific items or resources. It does not include user login information typically found in OAuth tokens. Anonymous Access: Due to the absence of user-specific information, requests made with these tokens are treated as coming from an anonymous account. Security Implications: The token's limited scope reduces potential security risks associated with token interception or misuse. Intended Functionality: This behavior is not a bug or oversight, but a deliberate design choice to balance functionality, privacy, and security.Solución alternativa
Access tokens have different privileges depending on the method used to obtain them: Tokens from API key authentication and App authentication have their privileges managed by the developer credentials used to obtain them. Tokens from user authentication have their privileges determined by the ArcGIS account of the signed-in user.Pasos para reproducir
ID del error: BUG-000169836
Software:
- ArcGIS Online
Recibir notificaciones cuando cambie el estado de un error
Descubrir más sobre este tema
Buscar información relacionada
Encontrar formación relacionada con este tema
Explorar ideas y aportar opiniones
Obtener ayuda de expertos en ArcGIS
Descargar la aplicación de soporte de Esri