Authentication

Authentication of clients is handled by APEX's Universal Onboarding. The authentication section in the tenant's configuration file controls this behavior.

Configuration Parameters

You can configure authentication using these parameters:

Parameter	Description	Default
force	This flag sets whether the client must be authenticated before entering the tenant	false

If the authentication section is not specified, the default values above are used.

Implementation Example

Add authentication to your tenant by including the following in your configuration file:

{
  "authentication": {
    "force": true
  }
}

Authentication Flow

When a client attempts to access your website, the system follows this process:

Checks if authentication is required (force: true)
If required, verifies if the client has a valid session
Redirects unauthenticated clients to the Universal Onboarding login page
Returns authenticated clients to the specified redirect URL

Security Best Practices

Set force: true for any tenant containing sensitive information
Implement proper role-based access control for protected resources
Use HTTPS for all authentication-related traffic
Regularly audit authentication logs for suspicious activities

Was this page useful?

Configuration Parameters​

Implementation Example​

Authentication Flow​

Security Best Practices​

Configuration Parameters

Implementation Example

Authentication Flow

Security Best Practices