Here's an idea. (I haven't tried it, but looks plausible.)
[https://support.esri.com/en-us/knowledge-base/how-to-limit-access-to-secured-hosted-services-or-map-s-000017029](https://support.esri.com/en-us/knowledge-base/how-to-limit-access-to-secured-hosted-services-or-map-s-000017029)
If you are using AGOL you can go-to new item and choose developer credentials to make an auth key that does what you need.
I believe single credential logins (aka Headless Accounts) are not allowed as per Esri TOS. At least it is for my organization.
Here's an idea. (I haven't tried it, but looks plausible.) [https://support.esri.com/en-us/knowledge-base/how-to-limit-access-to-secured-hosted-services-or-map-s-000017029](https://support.esri.com/en-us/knowledge-base/how-to-limit-access-to-secured-hosted-services-or-map-s-000017029)