ICUBAM supports password, token based and cookie based authentication, depending on the endpoint.


JWT tokens

JWT encoded tokens are used for the /update endpoint of the WWW server. For this endpoint, each token is only valid for a user_id, icu_id pair, and allows to update information for a given ICU.

External client tokens

Additional tokens are created for external clients. These tokens can be of one the following 4 types,

  • MAP allows GET access to /map endpoint on the WWW server
  • STATS allows GET access to /db/* endpoints on the WWW server as well as /dashboard endpoint on the backoffice server.
  • UPLOAD allows PUT access for the /db/* endpoint on the WWW server.
  • ALL allows all above operations.


JWT tokens are also stored as secure cookies on first successful authentication. They later give GET access to the /map endpoint.


Finally, the backoffice server also includes standard password base authentication for administrators.