Table of Contents

Flujo de autenticación

sequenceDiagram
    autonumber
    participant C as Cliente
    participant A as KadicAuth.Api
    participant E as KadicErp.WebApi
    participant DB as DB

    C->>A: POST /auth/login (user, pass, tenant)
    A->>DB: Verifica credenciales
    DB-->>A: User + Roles + Tenant
    A-->>C: JWT (access + refresh)
    C->>E: GET /api/... (Authorization: Bearer JWT)
    E->>E: Valida firma + claims (tenant, roles)
    E-->>C: Respuesta scoped por tenant

Completar con: políticas de expiración, refresh tokens, revocación.

Edit this page