To authenticate clients, we'll need to set up a REST server. With this option available, the clients should be authenticated before they are permitted a call in the REST API.
The REST server uses an open source software named PASSPORT, an authentication middleware for Node.js. It's flexible and modular and supports authentication via username and password, Facebook, Twitter, Google, and Lightweight Directory Access Protocol (LDAP), among others. In Chapter 7, Creating Your Blockchain and IoT Solution, we'll have more details about this. For now, let's review how the components will work.
In the following diagram, we can see a high-level authentication architecture using a Composer REST server:
The following components ...