We use high-profile authentication methods:

  • Central identity and access management
  • Central user management, e.g. MS Active Directory
  • Authentication through an identity provider, based on authentication methods such as oAuth or openID connect
  • Authorisation mechanisms, e.g. role-based authorisation, e.g. roles transmitted via tokens

API gateways to protect underlying data and APIs by validating authentication and authorisation