Account Repositories and Accounts

Accounts provide centralized authentication management for external incoming connections to USP Server instances. They are structured into two distinct Configuration Items:

• Account Repository: A container for organizing and managing groups of related Accounts.
• Account: A set of client credentials (such as username/password or private/public key) and associated authentication settings.

This architecture enables scalable, flexible, and secure credential management by centralizing authentication logic. Instead of configuring credentials at individual connection points, administrators can manage reusable, rule-driven authentication policies using Account Repositories.

info

Accounts are different from Users, who are administrative individuals who are responsible for USP administration and system management. Accounts are used exclusively by USP Server instances to authenticate external incoming connections (from partners, vendors, etc.).

Streamlined Onboarding and Configuration

Accounts are referenced by Rules, which define how inbound authentication is performed. A Rule can point to an Account Repository, allowing USP Server to authenticate against the credentials defined within it. This decouples authentication from connection logic, making it easy to adapt policies to different business contexts or operational needs.

With Account Repositories, onboarding new clients becomes simple: add the new account to the repository, and it immediately becomes available for any Rule that references that repository.

If a Rule uses Password or Private Key authentication, a single repository can support multiple Accounts with different credentials and authentication requirements—enabling granular, policy-driven control with minimal configuration effort.