The Admin API is intended to be used when an External Application wants to call API endpoints without direct user interaction. This means that authentication is for the application itself.
Authentication for the Admin API is based on the concept of OAuth Access Tokens. An External Application can use its credentials to directly obtain an Access Token. Once the Access Token expires, the External Application requests a new one when necessary.
All actions are performed and logged as a single Associated User in Banno.
The Authentication Framework - Tokens article has information on the various Tokens.
Client Credentials Flow
The Admin API uses the OAuth Client Credentials flow.
The Client Credentials flow requires authenticating with a signed JSON Web Token (JWT) that uses a public key + private key pair.
See the Client Credentials Flow topic.
Public Key + Private Key
See the Public Key + Private Key topic.
See the Associated User topic.
See the Configuration topic.
If you are just getting started, try our Quickstart on Authentication.