8.1 User Authentication

Only a valid user with the required user roles will b allowed to post a KYC Onboarding request.

To allow a user to post a KYC Onboarding request, the following authorizations are done by the system:

1. As a first check, authentication is done to check if the user ID and password is valid in the system. Authentication can be Basic Authentication or Bearer Token (Token based authentication).

   For more information on how to generate the Bearer Token, see Appendix-E: Configurations for the Bearer Token.

2. Secondly, authorization is done to check if user has WFACCNEXE and WFACC roles.

   If the user belongs to OB KYC Administrator Group, by default WFACCNEXE and WFACC roles are assigned.