API Authentication
API authentication provides secure access to PCS platform resources. The system uses JWT (JSON Web Token) standard token authentication with Keycloak SSO integration.
Authentication Methods
- JWT tokens — Bearer token authentication in API requests
- Keycloak SSO — single sign-on with eID/e-signature support
- API keys — for system integration without user sessions
Security
- All communication via HTTPS (TLS 1.2+)
- Token expiration and automatic renewal
- Role-based access control (RBAC)
- Company context validation for each request