Authentication Topics

The OneCompute Platform API requires all requests to be authenticated.

Two types of authentication are supported, depending on whether the request is initiated from an interactive session or not:

  • Request is initiated by a user in an interactive session in the client application: The user must be authenticated by the Veracity identity provider
  • Request is initiated by a an application (typically a service): The application/service authenticates with the OneCompute Service Registry using client credentials

Authentication with Veracity

Veracity Identity is used for authentication of interactive users. If your application initiates OneCompute jobs from an interactive session and requires that a job is associated with the user initiating it;

  1. The application must be registered with Veracity and have access to the OneCompute API, see Onboarding an Application with OneCompute
  2. The end user must be a registered Veracity user

Authentication with the OneCompute Service Registry

The other option for authentication with OneCompute is by using client credentials (an "id" and a "secret") issued from and authenticated by the OneCompute Service Registry. The OneCompute Service Registry is an identity provider managed by DNV Digital Solutions that manages identities representing individual applications.

When using client credentials issued by the OneCompute Service Registry, each job initiated by a particular application will be associated with the identity of that application registered in the OneCompute Service Registry.