exchangeToken(token: string, clientId: string, portal: string): Promise<string>
Request app-specific token, passing in the token for the current app.
This call returns a token after performing the same checks made by validateAppAccess. It returns an app-specific token of the signed-in user only if the user has access to the app and the encrypted platform cookie is valid.
A scenario where an app would use this is if it is iframed into another platform app
and receives credentials via postMessage. Those credentials contain a token that is
specific to the host app, so the embedded app would use
exchangeToken to get one
that is specific to itself.
Note: This is only usable by Esri applications hosted on arcgis.com, esri.com or within an ArcGIS Enterprise installation. Custom applications can not use this.