Authentication Overview

Welcome to the IndexSDK Authentication documentation. This guide provides API documentation for authenticating clients in the core engine system.

Quick Start

Client Credentials Flow

1. Provide client credentials (client_id, client_secret) or group_name
2. Generate auth token with user information
3. Use auth token for subsequent API calls

Architecture

The IndexSDK authentication system is built on a multi-tenant architecture where each tenant is identified by a domain (group_name). The system supports client credentials authentication for API clients using client_id and client_secret.

Authentication Flow

Domain-Based Multi-Tenancy

All authentication requests require a domain (group_name) that identifies the tenant/group. This allows the system to:

• Isolate user data per tenant
• Support multiple organizations
• Manage permissions per domain

Auth Token

Purpose: Token used for authenticated API requests

Contains:

• domain - Tenant identifier
• user_first_name - Optional user first name
• user_last_name - Optional user last name
• user_date_of_birth - Optional date of birth
• user_email - Optional email address
• user_phone - Optional phone number
• user_uid - Optional user unique identifier

Usage:

• Required for authenticated API endpoints
• Contains user identity information

Next Steps

• Client Credentials API
• API Guidelines