Overview

The Jack Henry Enterprise Rest API specification defines authentication as a process by which a user or service is securely identified through the exchange of identity material (username/password, secret key, digital certificate, etc.) with an identity provider from which a security token is generated that an API service can receive, inspect, and understand the owner/subject of the token (caller).

For instance, every service/API should require the caller to supply a security token in which the service can inspect the caller identity and metadata for determining if the work requested should be performed.