Identity brokering, data access management and authorization is provided by Keycloak. It is an open source, free, identity and access management platform, providing multiple standards and protocols for client and end-user authentication and authorization.

The main standard authentication and authorization protocols used in iReceptor Plus are:

  • OpenID Connect (OIDC)/OAuth 2.0

For providing Authentication.

  • User-Managed Access (UMA 2.0)

For authorization and the protection API. Data Managers can manage permissions to their resources and decide who can access a resource.

The current implementation of the security framework on iReceptor Plus' APIs tries to provide an agnostic implementation. This means a user or developer isn't normally required to deal with the specifics of Keycloak but instead should follow the interoperable security standards (OIDC/UMA 2.0) mentioned previously.