Eduardo Jauch wrote:
Afaik, doesn't matter if you are doing login by your own API, you always have to also login in OutSystems.
One of the reasons is that the LICENSE imposes a number of users, and trying to avoid this in order to enable more users is not allowed.
Logging in in OutSystems is especially important if you want to use Roles (a.k.a. priviliges). Having all Screens anonymous, or checking yourself each Screen, is not recommended and the latter a lot of work.
As for the licences, they are not defined in terms of users logging in to the platform, but in terms of "named users". You are bound to allow a maximum of named users as stated in your contract, and will breach it if you don't. Even if you log in to the platform, circumventing any restriction the Platform imposes is easy (e.g. by creating one-time users that are deleted on a regular basis).
So, concluding, even if you use an external verification for your users, always log in to the Platform as well. This will help with your application priviliges (via Roles), and will more easily allow you to establish the number of named users (which you would want, as you do not want to breach your contract).