Manifold’s Marketplace-as-a-Service requires authentication in order for an identity to provision and manage resources through the marketplace. To do so, a limited life token is generated on a per-actor basis to authorize calls made by the embedded web components.
- Your server-side application requests a Manifold authentication token for a given identity
- Your client application passes this value to the
- When an end user accesses marketplace features embedded in your client application, the authentication token is passed with each request
- Manifold verifies the authentication token
- Where applicable, Manifold makes a request to your server-side application to verify authorization for the given context