Story Map Security: Who can view or edit your app
Can I keep my App private?
Yes, the regular ArcGIS Online security model applies. By default your app is private, you can share it through online builder or ArcGIS Online. When you share your app, it is your responsibility to make sure that all the resources of your app(web maps, images, videos) are accessible to your audience.
Who can edit my App?
An app can only be edited by its owner (the named account that initially created the app). Organization Administrator (does not apply for public account) can take or give the app’s ownership to another user. In that case you won’t anymore be able to edit the app. Changing the ownership is the only way to collaborate on a app creation without sharing the owner’s credentials.
Can I use private web map or layer?
When the app is hosted in ArcGIS Online or Portal for ArcGIS, users that don’t have access to the app or a web map used in the app will be redirected to the ArcGIS Online sign-in page. It is not possible to display an authentication dialog in the app when the app is hosted in ArcGIS Online.
To use a premium layer in a public web map, follow this procedure.
When the app is hosted on your web server, an authentication dialog will appear inside the application.
Because of that limitation, we recommend that you configure the application to use OAuth. OAuth 2.0 based authentication is available for ArcGIS Online and Portal for ArcGIS users with developer or organizational accounts. Follow the procedure to add an application and register an application to get an OAuth application ID. Once you have that application, open index.html, locate the configOptions section and fill the oAuthAppId property.