This chapter explains the concept of technical clients and shows how to use the Adminapp REST API to manage them.
With the term technical client or tech-client we refer to REST API clients or other technical peers.
Examples are:
- Mobile app using an interface (e.g. REST API) that is protected by Airlock
- Server application using an interface (e.g. REST API) that is protected by Airlock
- A TPP (third-party provider) in PSD2
- An OAuth 2.0 client or OpenID Connect relying party
Airlock IAM provides the following services and features around Tech-clients:
- Authentication (e.g. client certificate, OAuth 2.0)
- Management (REST API)
- Policy information point for access control with Airlock Gateway
- Various API gateway features (planned)
Note that a tech-client (e.g. web-server application) may authenticate itself and at the same type represent an end-user that has been authenticated in a different way.
Example:
- a web-server authenticates it-self to be able to use a REST API using a client certificate
- the end-user using the web-server authenticates itself using username, password and a token