- The end user (REST client) is authenticated using the REST Auth API (Loginapp).
- After successful authentication, IAM issues a JWT to the REST client.
- The JWT can be used on 3rd party systems that are not connected to IAM
- JWTs in requests sent to Airlock Gateway are authenticated by inspecting the JWT. This involves IAM's one-shot interface.
- The example uses username/password authentication (no second factor).
![63983344.png](../media/01_Books/Airlock_IAM_Manual/_23Module_23/_c3_9cberarbeitete_Altdaten/references/mediaset/PNG/6x/63983344.png.theme/1.5/en-us.63983344.png_html.png)