Authorization
Microservices uses XACML implementation to let the client define authorization policies for the intended microservices. The client uses Policy Editor Design time to author XAML policies for microservices and deploy them on the policy store.
Policy Authoring is carried out by using the Policy Editor and the final reviewed policies are uploaded to a centralized policy store.
XACML – Policy Attributes
The attributes that can be used to the author authorization policy are as follows.
| XACML Attribute Type | Information Data Available for Policy Enforcement |
|---|---|
| RESOURCE | The resource element is a data, service or system component. Data parameters are available in HTTP Request Headers & Payload and Data Entity. For example, Balance and Transaction. |
| SUBJECT | A subject element is an entity requesting access. The user attributes are available in the HTTP header. |
| ACTION | Action ID of the API. |
| ENVIRONMENT |
Environmental parameters existing in the Business Function context. The parameters for the stacks are as follows:
|
In this topic