Username and Password

Concord's Web Services / APIs supports authentication using a username and password. Every request submitted to the API includes the username and password.

OAuth 2.0 (Token Authentication)

This involves an end user authenticating against Concord’s Identity Server and receiving security tokens in return. These tokens are then used by the client application to interact with Concord’s APIs and Web Services and gain access.

Several of these methods support both interactive and non-interactive authentication and authorization.

Interactive means that the user can be prompted for input. For example, prompting the user to login, perform multi-factor authentication (MFA), or to grant additional consent to resources.

Non-interactive, or silent, authentication attempts to acquire authentication without any direct user interaction.