Can I use ArcGIS REST-API "applyEdits" to update Feature-Layer as an authenticated user?

Question

I'm using nodeJS to edit my Feature-Layer using REST API. My intention is to:

1. Update my layer using Firebase Cloud-Functions
2. Share my layer publicly
3. But keep my layer non-editable for unauthorised users
4. I want to use my API-Key for authentication.

My problem: If I edit my feature definition to "capabilities" : "Create, Update, Delete" as mentioned here , then any unauthorised user can edit my layer, while if I don't, I get:

[ 'This operation is not supported.', 'Unable to add the features.', 'This operation is not supported.' ]

Authentication is declered in the documentation .

My code:

require("cross-fetch/polyfill");
require("isomorphic-form-data");
const featureLayer = require('@esri/arcgis-rest-feature-layer');
const auth = require('@esri/arcgis-rest-auth');

const apiKey = new auth.ApiKey({key: 'some key...'});
featureLayer.applyEdits({
    url: "https://services3.arcgis.com/someID/arcgis/rest/services/someName/FeatureServer/0",
    adds: [{
      geometry: { x: 120, y: 45 },
      attributes: { indexCity: "alive" }
    }],
    authentication: apiKey
  })
    .then(response => {
      console.log(response)
    })
    .catch(err => console.log(err.response.error.details));

I'm running my code using node example.js in terminal.

How can I define appleEdits only for me as authenticated user?

Answer 1

One option is to make your edits to a private feature layer (that's editable), and then have a public (non-editable) view of that feature layer.

• https://www.esri.com/about/newsroom/arcuser/protect-your-editable-feature-data-from-the-public/
• https://doc.arcgis.com/en/arcgis-online/manage-data/create-hosted-views.htm