Overview
Where user information including roles and responsibilities is intended to be held in third party systems, there are 2 approaches when it comes to syncing that data.
JWT
A JWT securely transmits information between parties as an encoded claims into a compact URL-safe JSON object which is then signed to ensure data integrity. Panintelligence has the option to include complex claims data that contains a full set of permissions, roles and responsibilities for a given user that can be used to sync a user in realtime from the third party authentication system. Updates to the roles and responsibilities should be held on the third party system. Any changes are immediately reflected upon a user logging into Panintelligence.
please view our documentation at Auto User Sync
Using the API
Panintelligence ships with an API that can be used in order to maintain all aspects of the product. comprehensive documentation about the panintelligence API can be found here.
Similar to the JWT approach, a 3rd party system containing user metadata such as roles, responsibilities and permissions would sync at a frequency that’s appropriate for your organisation.
In the diagram below, a user sync process creates and updates users using the sync endpoint. This is a timed or triggered process. To initiate the update, a post request is made. where a user already exists with this usercode, the user is updated with the new data. If the user does not exist, it is created.
Below is an architecture diagram of a third party push. Panintelligence will receive data from the third party system that contains user data at regular intervals.
Add Comment