We use high-profile authentication methods:
- Central identity and access management
- Central user management, e.g. MS Active Directory
- Authentication through an identity provider, based on authentication methods such as oAuth or openID connect
- Authorisation mechanisms, e.g. role-based authorisation, e.g. roles transmitted via tokens
API gateways to protect underlying data and APIs by validating authentication and authorisation