Glossary
A reference guide to the terminology used in Optare One and identity standards.
Authentication & Authorization
OAuth 2.0
The industry-standard protocol for authorization. It allows third-party applications to obtain limited access to an HTTP service, either on behalf of a resource owner or by allowing the third-party application to obtain access on its own behalf.
OIDC (OpenID Connect)
A simple identity layer on top of the OAuth 2.0 protocol. It allows Clients to verify the identity of the End-User based on the authentication performed by an Authorization Server, as well as to obtain basic profile information.
JWT (JSON Web Token)
An open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object.
| Token Type | Purpose | Expiration |
|---|---|---|
| ID Token | Proof of identity (contains user profile) | Short (e.g., 1h) |
| Access Token | Authorization to access APIs/Resources | Short (e.g., 1h) |
| Refresh Token | Used to obtain new access tokens offline | Long (e.g., 30d) |
Access Control
RBAC (Role-Based Access Control)
A method of restricting network access based on the roles of individual users within an enterprise. In Optare, roles are assigned to users within an Organization.
Multi-tenancy
Architecture where a single instance of software serves multiple customers (tenants). Optare One uses Organizations to provide multi-tenancy.
Multi-tenancy Hierarchy:
| Level | Description | Example |
|---|---|---|
| Instance | The Optare deployment | id.optare.one |
| Organization | The tenant/customer | Acme Corp |
| User | Member of org | alice@acme.com |
System Events
Webhooks
User-defined HTTP callbacks triggered by specific events. When the event occurs, Optare sends an HTTP request with a JSON body to your configured URL.
Example Webhook Payload:
```json
{
  "id": "evt_89234jav98",
  "event": "user.created",
  "created_at": "2025-12-22T10:00:00Z",
  "data": {
    "user_id": "usr_123",
    "email": "alice@example.com",
    "organization_id": "org_acme"
  }
}
```
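Receiver-side validation of the payload shown above, as an added example that is not Optare's own code. The body size cap, the five-minute freshness window, the `expected_org` check and the in-memory `seen_ids` set are assumptions; sender authentication is not covered because this page does not describe a signing scheme.

```python
import json
from datetime import datetime, timedelta, timezone

MAX_BODY_BYTES = 64 * 1024      # assumed cap; reject oversized bodies before parsing
MAX_AGE = timedelta(minutes=5)  # assumed freshness window, not an Optare setting
# Required string fields in "data" per event type; only user.created appears on this page.
DATA_FIELDS = {"user.created": ("user_id", "email", "organization_id")}
# The example payload from this page, as raw request bytes.
SAMPLE = (b'{"id":"evt_89234jav98","event":"user.created","created_at":"2025-12-22T10:00:00Z",'
          b'"data":{"user_id":"usr_123","email":"alice@example.com","organization_id":"org_acme"}}')


class WebhookRejected(ValueError):
    """Raised when a delivery must not be processed."""


def parse_webhook_event(raw, expected_org, seen_ids, now=None):
    """Validate one webhook body and return the parsed event dict."""
    if len(raw) > MAX_BODY_BYTES:
        raise WebhookRejected("body too large")
    try:
        event = json.loads(raw)
    except ValueError as exc:  # covers JSONDecodeError and UnicodeDecodeError
        raise WebhookRejected("not valid JSON") from exc
    if not isinstance(event, dict):
        raise WebhookRejected("top level must be an object")
    for key in ("id", "event", "created_at"):
        if not isinstance(event.get(key), str) or not event[key]:
            raise WebhookRejected(f"missing or non-string field: {key}")
    fields = DATA_FIELDS.get(event["event"])
    if fields is None:
        raise WebhookRejected("unhandled event type")
    data = event.get("data")
    if not isinstance(data, dict) or not all(isinstance(data.get(f), str) for f in fields):
        raise WebhookRejected("malformed data object")
    try:
        created = datetime.fromisoformat(event["created_at"].replace("Z", "+00:00"))
    except ValueError as exc:
        raise WebhookRejected("bad created_at") from exc
    if created.tzinfo is None:
        raise WebhookRejected("created_at lacks a UTC offset")
    if abs((now or datetime.now(timezone.utc)) - created) > MAX_AGE:
        raise WebhookRejected("stale or future-dated event")
    # Tenant isolation: an endpoint registered for one Organization ignores others.
    if data["organization_id"] != expected_org:
        raise WebhookRejected("organization mismatch")
    # Idempotency: the same event id is processed at most once.
    if event["id"] in seen_ids:
        raise WebhookRejected("duplicate event id")
    seen_ids.add(event["id"])
    return event
```

In a multi-process deployment the `seen_ids` set would be replaced by a shared store whose entries expire after the freshness window.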