Authentication and Security
This section describes authentication mechanisms in Citeck and integration with Keycloak as the standard identity provider (IdP).
Authentication — general authentication architecture of the platform: OpenID Connect protocol, Access Token / Refresh Token roles, interaction schemes between components.
Citeck and Keycloak Integration — configuring bidirectional user synchronization between Citeck and Keycloak via RESTful API (ecos-model starting from version 2.20.0).
Authentication Settings for Records API — obtaining Client ID and Client Secret in Keycloak, configuring OAuth 2.0 and sending requests to Records API from external systems (using Postman as an example).
Citeck Keycloak Extension (Enterprise) — Citeck-side extension for Keycloak: generating platform events on Keycloak user events, synchronizing user status.