Providers can represent a server, cluster, or specific services that are authorized to expose API functionality remotely. Each provider is issued credentials for authenticating and performing various functions, such as authentication, creating tokens, capturing analytics about traffic and consumption, or managing the overall data stored in Monarch.
Providers, like partner clients, are issued an API Key and Shared Secret. However, providers have special permissions that relate to Monarch's internal functions. See Service Permissions and Management Permissions for more information.
Users represent accounts for your team members (e.g. API Owners, Architects/Developers, Operations) that are allowed to view and manage the configuration and access reporting functions. Users are managed globally across all Monarch environments. Thus, when using default authentication, only System Administrators are able to create, edit, or delete users.
Similar to Providers, Roles associate Users to permissions that relate to Monarch's internal functions. See Service Permissions and Management Permissions for more information. A User may only be assigned to one Role. A User's access to the various management screens depends on which Management Permissions are granted to their Role.
Principals enable Monarch to add security claims for the authenticated user of an API request. Principal claims are segmented by profiles that allow Monarch administrators to create unique claim sets for different applications. In order to add claims to Monarch's API Context, you must add the Internal Claim Source to the associated Client's security policies.