2.6 About Authentication and Authorization

Authentication ensures that only authorized individuals can access MicroTx, the microservices, transaction, and data. Authorization provides access control to system privileges and data. This builds on authentication to ensure that individuals get appropriate access.

• About Access and Refresh Tokens
  Use access and refresh tokens to ensure that only authenticated users can access MicroTx and to permit only administrative users or users that originally initiated the transaction to manage a transaction.
• About Encrypting and Storing Tokens
  To support asynchronous calls, MicroTx stores the access and refresh tokens, and then uses them in asynchronous calls.
• About the Oracle_Tmm_Tx_Token Transaction Token
  Enable the creation and propagation of the transaction token to ensure that only authorized users have access to the service. When you set transactionTokenEnabled to true in the YAML file, MicroTx Distributed Transactions creates a new token called Oracle_Tmm_Tx_Token, which is a signed transaction token.
• Overview of Role-Based Access Control for MicroTx Workflows
  MicroTx Workflows uses hierarchical role-based access control (RBAC) to secure APIs and operational capabilities. These mappings ensure that users are granted appropriate permissions in MicroTx Workflows based on the roles assigned by your identity provider. This supports robust authorization controls for both system administrators and regular users of MicroTx Workflows.