Authority is the centralized run-time module that provides scope evaluations to resource servers. It exposes a number of APIs for easy integration.
Authority performs a scope evaluation in following stages:
- Authentication: Authority authenticates the resource server via the API key provided by resource server.
- Policy lookup: Authority looks up the matching policies for the provided resource,action and scope combination.
- Policy execution: Once a policy is found, it is evaluated and the mapped constraint is executed.
Based on the policy evaluation response, result is returned to the resource server.