Request flow

  • The end user (REST client) is authenticated using the REST Auth API (Loginapp). 
  • After successful authentication, IAM issues a JWT to the REST client.
  • The JWT can be used on 3rd party systems that are not connected to IAM
  • JWTs in requests sent to Airlock Gateway are authenticated by inspecting the JWT. This involves IAM's one-shot interface.
  • The example uses username/password authentication (no second factor).