The workflow and high-level architecture FarmMaps are documented on the [Farmmaps Workflow](Workflow) and [FarmMaps Main Components](Main-components.md) pages.
At the moment, FarmMaps provides two environments for development.
* https://farmmaps.awtest.nl (testing environment, data is not persistent)
* https://farmmaps.awacc.nl (acceptation environment, data IS persistent)
When developing your application, using the **acceptation environment is highly recommended**.
### Obtaining credentials
To get access to the API, you need an akkerweb development account (akkerweb development and farmmaps development use the same credentials).
These can be created at:
* https://awacc.nl (for the acceptation environment)
* https://awtest.nl (for the testing environment)
Once you have an account, you can create a JSON Web Token to authenticate at the API endpoint.
### Authentication & Authorization flow
FarmMaps uses Open ID Connect to provide user authentication and authorization services.
Open ID Connect (and OAuth beneath the surface) allows your application to access user information or data that is located at another service, without providing you the password to access the account. This is very useful if your application relies on data that needs to provided by this other service for your application to work.
So, in the authentication flow there are two parties:
* The OpenID Provider (OP), holding the accounts database and providing the authentication services.
* The Relying Party (RP), relying on authentication through the OP, to get access to the required data or endpoints.
The general flow (for FarmMaps) is as follows:
* The user is at your application
* Your application needs to access the farmmaps account of that user (i.e. to upload, modify or retrieve data)
* Your application creates an authentication request for the Open ID Provider.
* The user is redirected to the "Log in page" of the OpenID Provider.
* The user logs in at the login page.
* On succesfull login, the user is redirected back to your application and the OpenID Provider returns an access token.
Now that the user is back at your applicaiton and the application has an access token, it can then request resources from the OpenID provider.
For each request, the access token needs to be sent along. This access token provides proof that the person sending the request is allowed to access the request and is who he/she claims to be. FarmMaps uses [JWT](https://jwt.io/introduction/) as the format for the access token.