The ADEPT Decisions Platform provides easy to use and secure restful APIs that developers use for decision-making in composite applications.
In terms of API security, all API calls are authenticated by using the Client Credentials Flow (defined in OAuth 2.0 RFC 6749), in which they pass along their Client ID and Client Secret to authenticate themselves and get a token from an authorisation server. This token is then passed along with calls to the API.
API authorisation is performed using a third-party Identify Provider (IDP) authorisation server. All communication is strictly over HTTPS. Your subscriber client identity is resolved via the token and not through any parameters passed with the calls, ensuring all subscriber’s API calls are separate and no subscriber can impersonate another. In addition, each API client can be associated with specific API endpoints, ensuring that each client application that requires decisioning only has access to what has been provisioned for it.