Authority is the centralized run-time module that provides scope evaluations to resource servers. It exposes a number of APIs for easy integration.

Scope evaluation

Authority performs a scope evaluation in following stages:

  • Authentication: Authority authenticates the resource server via the API key provided by resource server.
  • Policy lookup: Authority looks up the matching policies for the provided resource,action and scope combination.
  • Policy execution: Once a policy is found, it is evaluated and the mapped constraint is executed.

Based on the policy evaluation response, result is returned to the resource server.

results matching ""

    No results matching ""