Authentication
The protocol used to login is OAuth2 with the Authorization Code grant type (more info)
The only routes that can be accessed without authentication are /monthlyReport/year/month and /monthlyReport with GET. They will return all the different sections of a specific or the current newsletter in a single JSON.
Roles
The Identity Provider used is Sign&Go and the list of person able to log in Ecolyo-Agent are managed in MIM (only accessible on Mercure network)
This backoffice is meant to be used only by two types of persons :
- the animators of Ecolyo: they edit the newsletters, the fluid prices and the content of warning pop-ups.
- the administrators of Ecolyo: they can do all of the above and also view and search for SGE consents.