Most of the scenario, PDAccess works with service that already defined itself. For the user perspective, PDAccess has a build-in user authentication database (of course encrypted) and able to authenticate with the external systems like LDAP. This gives seamless authentication and Single-Sign on the feature to PDAccess. How about other applications? For example, you have an external enterprise application which requires authentication and authorization mechanism.
You have 2 ways to do this functionality to your software. One is implementing in your application and the other is SSO. The first case looks pretty straight forward. you can insert your application. But, if you have many applications (Like microservice etc.) you need to implements each other the same functionality.
How about the SSO case. Like PDAccess logic, if you have an SSO system, you don’t need such an implementation and you have a flexible environment to sperate AAA logic with business logic.
In the market, that SSO protocol named OAuth2. (Also there is sister protocol, SAML which is in the road map in PDAccess). We added Oauth2 Identity Provide Logic to PDAccess to use your same authentication logic in PDAccess to your enterprise software. https://oauth.net/2/
In the Administration menu, You can create your enterprise application authentication using the Oauth2 protocol. These days, many frameworks (like spring-boot. https://spring.io/guides/tutorials/spring-boot-oauth2/) has a build-in oauth2 authentication support.