Authentication Model
OAuth 2.0 supports two ways of Authentication; based on a Users Ideintity and based on the Identity of a Client. Within Valdit APIs a Customer entity is used to implement multi-tenancy. All Valdit API calls are eventually performed on behalf of such a Customer, which can be identified using either a User or a Client:
When requesting a token using one of the OAuth 2.0 Flows, the issued token will contain information on the Customer. Any calls using that token will therefore be performed on behalf of that customer, regardless of the type of OAuth 2.0 flow that was used to obtain the access-token.