- JWT-based
  - Token contains:
    - accountId
    - organizationId
    - roles
    - authorities
  - Claims are only trusted after the signature and expiry have been verified server-side
- Multi-tenant per ORGANIZATION
  - Every entity carries the organization UUID
  - Filtering via TenantContext (populated from the verified JWT, never from a request parameter or header the client controls)
  - ADMIN → everything
  - MANAGER → own organization
  - EMPLOYEE → own data
TenantContext is available via:
  - getOrganizationId()
  - getAccountId()
  - getRoles()
- Filtering rules derived from the roles:
  - ADMIN → no filtering
  - MANAGER → organization filter
  - EMPLOYEE → own data (filter on accountId)
- Spring Security is mandatory
  - JWT filter (verifies the token before any claim is used)
  - @PreAuthorize on endpoints
  - passwords hashed with BCrypt (verify with the encoder's matches(), never by comparing strings yourself)
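How the pieces above fit together in one request, as an added example (not the project's own code): a JWT filter that verifies the token and fills a ThreadLocal TenantContext, and a service that applies the ADMIN / MANAGER / EMPLOYEE filtering rules from that context. Assumptions not on the page: the jjwt library (io.jsonwebtoken) and an HMAC key shared with the issuer, the `ROLE_` prefix for Spring authorities, a hypothetical `TimeEntry` entity, and a Spring Data style `TimeEntryRepository` whose derived query names are mine.

```java
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.JwtException;
import io.jsonwebtoken.Jwts;
import jakarta.servlet.FilterChain;
import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Service;
import org.springframework.web.filter.OncePerRequestFilter;
import javax.crypto.SecretKey;
import java.io.IOException;
import java.util.List;
import java.util.Set;
import java.util.UUID;
import java.util.stream.Collectors;

/** Request-scoped tenant identity; filled only from a verified JWT, never from client-controlled input. */
final class TenantContext {
    private record Tenant(UUID accountId, UUID organizationId, Set<String> roles) {}
    private static final ThreadLocal<Tenant> CURRENT = new ThreadLocal<>();
    static void set(UUID accountId, UUID organizationId, Set<String> roles) {
        CURRENT.set(new Tenant(accountId, organizationId, Set.copyOf(roles)));
    }
    static void clear() { CURRENT.remove(); }
    private static Tenant current() {
        Tenant t = CURRENT.get();
        if (t == null) throw new IllegalStateException("no authenticated tenant on this thread");
        return t;
    }
    static UUID getAccountId() { return current().accountId(); }
    static UUID getOrganizationId() { return current().organizationId(); }
    static Set<String> getRoles() { return current().roles(); }
}

/** Verifies the bearer token, then populates Spring's SecurityContext and TenantContext for this request. */
final class JwtAuthenticationFilter extends OncePerRequestFilter {
    private final SecretKey key;  // assumed: HMAC key shared with the token issuer
    JwtAuthenticationFilter(SecretKey key) { this.key = key; }
    private static UUID requiredUuid(Claims claims, String name) {
        String value = claims.get(name, String.class);
        if (value == null) throw new IllegalArgumentException("missing claim " + name);
        return UUID.fromString(value);  // also rejects malformed values
    }
    @Override
    protected void doFilterInternal(HttpServletRequest req, HttpServletResponse res, FilterChain chain)
            throws ServletException, IOException {
        String header = req.getHeader("Authorization");
        if (header == null || !header.startsWith("Bearer ")) {
            chain.doFilter(req, res);  // anonymous; @PreAuthorize rejects protected endpoints
            return;
        }
        UUID accountId, organizationId; Set<String> roles;
        try {
            // Signature and expiry are checked here: a tampered or expired token never reaches the app
            Claims claims = Jwts.parser().verifyWith(key).build()
                    .parseSignedClaims(header.substring(7)).getPayload();
            accountId = requiredUuid(claims, "accountId");
            organizationId = requiredUuid(claims, "organizationId");
            List<?> roleClaim = claims.get("roles", List.class);
            roles = roleClaim == null ? Set.of()
                    : roleClaim.stream().map(Object::toString).collect(Collectors.toSet());
        } catch (JwtException | IllegalArgumentException e) {
            res.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }
        try {
            TenantContext.set(accountId, organizationId, roles);
            SecurityContextHolder.getContext().setAuthentication(new UsernamePasswordAuthenticationToken(
                    accountId.toString(), null,
                    roles.stream().map(r -> new SimpleGrantedAuthority("ROLE_" + r)).collect(Collectors.toList())));
            chain.doFilter(req, res);
        } finally {
            TenantContext.clear();  // request threads are pooled: never leak one tenant into the next request
        }
    }
}

record TimeEntry(UUID id, UUID organizationId, UUID accountId) {}  // hypothetical entity carrying the org UUID

interface TimeEntryRepository {  // assumed Spring Data repository; the derived query names are mine
    List<TimeEntry> findAll();
    List<TimeEntry> findByOrganizationId(UUID organizationId);
    List<TimeEntry> findByOrganizationIdAndAccountId(UUID organizationId, UUID accountId);
}

@Service
class TimeEntryService {
    private final TimeEntryRepository repo;
    TimeEntryService(TimeEntryRepository repo) { this.repo = repo; }
    /** ADMIN: no filter; MANAGER: organization filter; EMPLOYEE: own rows, still scoped to the organization. */
    @PreAuthorize("hasAnyRole('ADMIN', 'MANAGER', 'EMPLOYEE')")
    public List<TimeEntry> visibleEntries() {
        Set<String> roles = TenantContext.getRoles();
        if (roles.contains("ADMIN")) return repo.findAll();
        if (roles.contains("MANAGER")) return repo.findByOrganizationId(TenantContext.getOrganizationId());
        return repo.findByOrganizationIdAndAccountId(TenantContext.getOrganizationId(), TenantContext.getAccountId());
    }
}
```

Register the filter with `http.addFilterBefore(new JwtAuthenticationFilter(key), UsernamePasswordAuthenticationFilter.class)` and enable `@EnableMethodSecurity` so the `@PreAuthorize` annotation is enforced. The EMPLOYEE branch filters on the organization as well as the account on purpose: the account id alone would let a row with a stale or reused account id surface across tenants, and the extra predicate costs nothing.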
- @ControllerAdvice
  - structured error responses with exactly:
    - message
    - status
    - timestamp
  - no stack traces or internal exception messages in the body
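The error-handling layer as an added example (not the project's own code): a @RestControllerAdvice that maps the exceptions the security layer raises onto the three-field body listed above. The exception types chosen and the generic messages are my assumptions.

```java
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.web.bind.annotation.ExceptionHandler;
import org.springframework.web.bind.annotation.RestControllerAdvice;
import java.time.Instant;
import java.util.NoSuchElementException;

/** The only fields a client ever sees: message, status, timestamp. No stack trace, no class names. */
record ErrorResponse(String message, int status, Instant timestamp) {
    static ResponseEntity<ErrorResponse> of(HttpStatus status, String message) {
        return ResponseEntity.status(status).body(new ErrorResponse(message, status.value(), Instant.now()));
    }
}

@RestControllerAdvice
class ApiExceptionHandler {
    @ExceptionHandler(AccessDeniedException.class)
    ResponseEntity<ErrorResponse> accessDenied(AccessDeniedException e) {
        // @PreAuthorize failures land here; a generic message does not reveal which role would have passed
        return ErrorResponse.of(HttpStatus.FORBIDDEN, "access denied");
    }

    @ExceptionHandler(NoSuchElementException.class)
    ResponseEntity<ErrorResponse> notFound(NoSuchElementException e) {
        // Rows outside the caller's organization are reported exactly like rows that do not exist,
        // so a 403-vs-404 difference cannot be used to enumerate other tenants' ids
        return ErrorResponse.of(HttpStatus.NOT_FOUND, "resource not found");
    }

    @ExceptionHandler(Exception.class)
    ResponseEntity<ErrorResponse> unexpected(Exception e) {
        // Log e server-side; the client receives only the generic body (assumed: a logger exists elsewhere)
        return ErrorResponse.of(HttpStatus.INTERNAL_SERVER_ERROR, "internal error");
    }
}
```

The catch-all `Exception` handler means an `AccessDeniedException` thrown inside a controller or service would otherwise be swallowed as a 500 before Spring Security's own exception translation sees it, which is why it gets an explicit handler of its own above.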