api
API
The identity and authentication authority for all Elonn services. Owns members, sessions, and tokens. All services validate identity by calling the API service.
Owns:
- member identity records
- auth sessions
- auth tokens
- member directory
Allowed:
- api service
- api base URL
- API token
- api auth
Forbidden:
- auth service (not its product name)
- identity service (not its product name)
- user service (deprecated; "user" is not a product term)
- account service (account is the login surface, not the service name)
Notes:
- The service hostname is
api.elonn.local/api.elonn.com. Refer to the service by this name or simply "the API." - All other services reference members by
identity_user_id, which comes from the API service. - The API service issues
elonn_api_tokencookies, which are the credential forwarded between services.
Related:
- member
- token
- session (auth session)
- identity