The Master API security is implemented with Keycloak. All the users need to be fully authenticated to access the API.
The users of a same group in keycloak can access and manage the same jobs. If a user comes without any defined group, a default group will be affected.
In some cases, you may not want to use a full keycloak instance to use the Master API : a basic authentication can be used with a pre-configured user. More information can be found in the Deployment section