This repository has been archived by the owner on Oct 21, 2021. It is now read-only.
doc components
The IBM Food Trust™ authentication handles the issuance and maintenance of access tokens (aka authentication tokens or JSON Web Tokens (JWT)) for the IBM Food Trust solution. Each registered user (human, system or application) must obtain an access token in order to use IBM Food Trust.
There are two types of users in the IBM Food Trust solution:
- Human Users are authenticated via their IBM identity service (IBMid) username (email address) and password. Authenticated human users can interact directly with the IBM Food Trust network.
- System Users (systems or applications) are authenticated via System ID, Client ID and secret (token). A system user ID must also be created for any application program that calls IBM Food Trust APIs.
Each user type is authenticated by a separate mechanism:
Figure 1. Human User Authentication Flow
Figure 2. System User Authentication Flow
The granted access tokens expire after one hour, but can be renewed prior to expiration. See How to obtain an authentication token for more information on tokens.