Authentication and Authorisation for Providers of Web services

The sedex Webservice Proxy (WS-Proxy) provides seamless interaction with third party web services for sedex users by utilizing their sedex-Client certificate for authentication. This certificate serves as a secure token, ensuring that only authorized users can access the web services.

Authorization Options

Web service providers have two primary options for handling authorization:

1. Custom Authorization Mechanisms: Providers can implement their own authorization systems, making decisions based on the client certificate to determine if a sedex participant is authorized to use their service. This approach offers flexibility and control, allowing providers to customize the authorization process to meet their specific needs.

2. sedex External Authorization Service: Providers can use this service to manage both authentication and authorization. By leveraging this service, providers can delegate the complexity of security management to sedex, ensuring a consistent and reliable authorization process.

Integration Guide

This section outlines the steps and best practices for using sedex's authentication and authorization mechanisms, ensuring secure and efficient integration with sedex services.