Request app-specific token, passing in the token for the current app.
This call returns a token after performing the same checks made by validateAppAccess. It returns an app-specific token of the signed-in user only if the user has access to the app and the encrypted platform cookie is valid.
A scenario where an app would use this is if it is iframed into another platform app
and receives credentials via postMessage. Those credentials contain a token that is
specific to the host app, so the embedded app would use
exchangeToken to get one
that is specific to itself.
Function defined in packages/arcgis-rest-auth/src/app-tokens.ts:25