Process Flow for the Authorization Check

At the runtime of the main service, which hosts the cloud services, when a cloud service is called, the Digital Manufacturing Cloud either transfers the user information directly, or transfers a JSON web token (JWT) that contains information about the identity of the user and the user groups assigned to it. During the authorization check, the PCo system first determines the PCo roles that are assigned to the transferred user, and checks whether they correspond to the roles required by the service call. If no local PCo user is maintained, this check is executed for the roles that are assigned to the transferred user groups.