Technical client in IAM and tech-clients REST API

This page explains the concept of technical clients and shows how to use the Adminapp REST API to manage them.

With the term technical client or tech-client we refer to REST API clients or other technical peers.

Examples are:

Mobile app using an interface (e.g. REST API) that is protected by Airlock
Server application using an interface (e.g. REST API) that is protected by Airlock
A TPP (third-party provider) in PSD2
An OAuth 2.0 client or OpenID Connect relying party

Airlock IAM provides the following services and features around Tech-clients:

Authentication (e.g. client certificate, OAuth 2.0)
Management (REST API)
Policy information point for access control with Airlock Gateway (WAF)
Various API gateway features (planned)

Note that a tech-client (e.g. web-server application) may authenticate itself and at the same type represent an end-user that has been authenticated in a different way.

Example:

a web-server authenticates it-self to be able to use a REST API using a client certificate
the end-user using the web-server authenticates itself using username, password and a token

Chapter content

12.6.4.1. Data model

12.6.4.2. Supported authentication types

12.6.4.3. Tech-clients management REST API