...
A number of details have been omitted from this sequence diagram, among them the complex setup behind the logon process after the user reaches the IdP, including the redirects to the local IdP via SEB.
As an example, we can look at the careteam micro-frontend and its usage on the FUT infrastructure.
Security model
The security model used in KAM is the same as the one used in the rest of the FUT infrastructure. The shell application redirects the user to the IdP through the user's browser and, in this process, receives a set of security tokens (JWT). The shell application is responsible for performing the required refreshes so that the tokens are valid at all times while KAM is in use. The access token is provided to the micro-frontends in browser local storage (with access tied to the KAM domain). The micro-frontends can use the token to do lookups into the infrastructure, and will thus only present data that the current user has access to with the currently selected security context.
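The micro-frontend side of this model, as an added sketch that is not KAM or FUT code: it re-reads the token the shell maintains on every request, rejects expired or malformed values, and attaches the token only to the expected origin. The storage key, API origin, skew value and helper names are assumptions made for illustration.

```javascript
// Added example: the storage key and API origin below are hypothetical.
const TOKEN_KEY = "kam.access_token";          // assumed local storage key
const API_ORIGIN = "https://api.example.test"; // assumed infrastructure origin
const SKEW_SECONDS = 30;                       // treat nearly-expired tokens as expired

// Decode the JWT payload (base64url JSON). No signature check here:
// validation is assumed to happen in the infrastructure services.
function decodePayload(jwt) {
  const parts = String(jwt).split(".");
  if (parts.length !== 3) throw new Error("not a compact JWT");
  const b64 = parts[1].replace(/-/g, "+").replace(/_/g, "/");
  return JSON.parse(atob(b64.padEnd(Math.ceil(b64.length / 4) * 4, "=")));
}

// Read the token fresh from storage on every call, so a refresh done by the
// shell is picked up; the micro-frontend never caches it.
function currentAccessToken(storage, nowSeconds) {
  const jwt = storage.getItem(TOKEN_KEY);
  if (!jwt) return null;
  try {
    const { exp } = decodePayload(jwt);
    if (typeof exp !== "number" || exp - SKEW_SECONDS <= nowSeconds) return null;
    return jwt;
  } catch {
    return null; // malformed value in storage
  }
}

// Build request headers; attach the bearer token only for the expected origin
// so it is never sent to another host.
function authHeaders(url, storage, nowSeconds = Math.floor(Date.now() / 1000)) {
  if (new URL(url).origin !== API_ORIGIN) return {};
  const jwt = currentAccessToken(storage, nowSeconds);
  if (!jwt) throw new Error("no valid access token; wait for the shell to refresh");
  return { Authorization: `Bearer ${jwt}` };
}

// Constructed, unsigned sample token and in-memory storage for running offline.
function sampleToken(exp) {
  const enc = (o) => btoa(JSON.stringify(o)).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
  return `${enc({ typ: "JWT" })}.${enc({ sub: "constructed-user", exp })}.sig`;
}
function memoryStorage(initial = {}) {
  const m = new Map(Object.entries(initial));
  return { getItem: (k) => (m.has(k) ? m.get(k) : null), setItem: (k, v) => void m.set(k, v) };
}
```

In a browser the `storage` argument would be `window.localStorage`, and the returned headers would be passed to `fetch`.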
...