Skip to content

Identity and Access Management

This chapter describes the identity and access management in the Terradue API.

Authentication

The Terradue API uses the OAuth 2.0 protocol for authentication. Practically, this means that you need to obtain an access token before you can use the API.

The access token is obtained by authenticating with the Terradue IAM service at https://iam.terradue.com.

The access token is passed in the Authorization header of the HTTP request as described in the OAuth 2.0 Bearer Token Usage specification.

The Swagger UI provides a way to authenticate with the Terradue IAM service and obtain an access token.

Authorization

The Terradue API uses the OAuth 2.0 protocol for authorization. It reads the claims from the access token to determine the user's identity and the user's permissions.

More information about the authorization startegy in the Terradue platform can be found in the Terradue Platform Security document.