About employee

The Employee API facilitates comprehensive Role-Based Access Control (RBAC) in the Tuum system. In this context, an Employee refers to any principal engaging with the system. The Tuum system categorises employees into three primary types:

1. BackOffice user: A digital identity assigned to human operators authorised to access the system exclusively through the BackOffice interface, without permission to use Tuum system API endpoints.

2. API user: A digital identity assigned to programmatic operators, like third-party applications or internal microservices, to access the system exclusively via API endpoints, without permission to use Tuum system via BackOffice interface.

3. System user (internal service): A digital identity exclusively reserved for the Tuum team to handle system-level maintenance and non-business activities such as database maintenance and automated ledger closure.

Each user must first be authenticated to securely access resources within the Tuum system. After successful authentication, the user is authorised to access Tuum system resources according to their assigned roles and privileges.