Skip to main content

User authentication

You can configure user authentication with Quorum Key Manager (QKM). This is optional but recommended.

To authenticate to QKM, users must provide credentials in every request through one of the following methods:

  • OAuth 2.0 - OAuth 2.0 standard using JSON Web Tokens
  • TLS - Client TLS mutual authentication
  • API key - Set of static authorization keys defined in a CSV file and loaded at startup

The authentication process consists of challenging incoming request credentials. If credentials are valid, QKM extracts user information and attaches it to the request context. If credentials are invalid, QKM rejects the request. If no credentials are passed, QKM processes the request as an anonymous request.

After QKM authenticates a request, it submits the request to the targeted service to authorize it.