Versions Compared
compared with
Key
- This line was added.
- This line was removed.
- Formatting was changed.
Comment:
Published by Scroll Versions from space WAPIMGMNT232 and version 24.0
A common API Management use case is that an API should not be accessible to anyone, but only to authorized users. To secure your REST APIs, we recommend to use the Keycloak OAuth policy for user authentication. If additional user authorization (with roles) is required, we recomment to extend your setup with the Authorization policy.
Keycloak OAuth: Use this policy to secure your API via Keycloak. This Keycloak-specific OAuth2 policy should be your first choice to secure an API in the PAS environment.
Refer to Authentication With Keycloak OAuth for details.- Authorization: Use this policy in addition to Keycloak OAuth or Basic Auth to control precisely who is allowed to access the API.
Refer to Additional Authorization for details.
Panel | ||
---|---|---|
| ||
|
Overview
Content Tools