Sunday, March 20, 2016

Identity Patterns with the WSO2 Identity Server
Fine-grained access control for APIs

Problem:
  • Access to the business APIs must be done in a fine-grained manner. 
  • Only the users belong to the business-admin role should be able to access foo and bar APIs during a weekday from 8 AM to 5 PM.
Solution:
  • Setup the WSO2 Identity Server as the key manager of the WSO2 API Manager. 
  • Write a scope handler and deploy it in the WSO2 Identity Server to talk to it’s XACML engine during the token validation phase. 
  • Create XACML policies using the WSO2 Identity Server’s XACML policy wizard to address the business needs. 
  • Products: WSO2 Identity Server 5.0.0+, API Manager, Governance Registr

0 comments: