Digizuite authentication is done using users, groups, access rights and roles. A user logs into Digizuite and based on the user rights an access key is generated. This access key grants access to the system and it’s features.
The access key is a guid and the accesskey refers to the user, a language and a product. The first two are self-explanatory, however, the latter is not. Digizuite is a backend and various products may be attached to this backend. Examples of products are Media Manager or DAM For Sitecore. Each product has it’s own set of configuration and in order to access that specific configuration a product specific access key is needed.
A product is simply a definition in Digizuite. To this definition several concepts can be attached. First, a product has a ConfigManager. A ConfigManager is for changing product specific configuration such as configuration parameters and searches. Secondly, most products have a channel (layoutfolder), which is a distribution channel for assets.
Lastly, Digizuite has two types of metadata, configuration metadata and asset metadata. The first is versioned and the latter is not. This means that there is a difference between what metadata you are getting in the API and this is also decided in the accesskey.
All login specific operations are done using the ConnectService endpoint. There are two important methods on this endpoint: LogOn and LogOnWithAccessKeyOptions.