Best practice for handling user authentication from customers

Hi,

I’m working on a project in which we wish to have customers which do not necessarily exist as users on the Palantir platform so that they don’t go through the Palantir login process. Rather they are like any other users which would exist on a normal web application except Foundry/AIP is used as the backend for doing modelling etc.

Is there a best practice for this that has been established?

Best,
Jack

1 Like

The standard practice for cases like this is to have the backend of your web application communicate with Foundry APIs using client credentials (i.e., a service user). See https://www.palantir.com/docs/foundry/platform-security-third-party/writing-oauth2-clients/#client-credentials-grant for more details.