In addition to the KEYCLOAKOAUTH policy, you can use the Authorization policy to add a list of fine-grained authorization rules that let you control precisely who is allowed to access the API.
Note: Make sure that you configure the Authorization policy after the standard authentication.
Adding the Authorization Policy
The configuration of this policy consists of a number of rules that are applied to any inbound request to the API. Each rule consists of a regular expression pattern, an HTTP verb and the role that an authenticated user must possess in order for access to be granted.
It is also possible to apply the rules for all requests by using a wildcard regular expression.
Example:
Additional role authorization with the Authorization policy:
- Only users with role support-admin are allowed to delete support cases.
- Only users with role support-manager are allowed to get support cases.
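The two example rules can be modelled and checked before they are configured. The following is an added example, not the product's own code or configuration format: the `Rule` fields, the `/support/cases` path, the rule that every matching rule must be satisfied, and the handling of requests that match no rule are all assumptions made for illustration.

```python
import re
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    pattern: str   # regular expression matched against the request path
    verb: str      # HTTP verb, or "*" for any verb
    role: str      # role the authenticated user must possess

# Constructed rule set mirroring the two example rules above;
# the /support/cases path is an assumption, the page names no path.
RULES = [
    Rule(r"/support/cases(/.*)?", "DELETE", "support-admin"),
    Rule(r"/support/cases(/.*)?", "GET", "support-manager"),
]

def matching_rules(rules, verb, path):
    """Rules whose verb and pattern both apply to this request."""
    return [r for r in rules
            if r.verb in ("*", verb.upper())
            # fullmatch: the pattern has to describe the whole path
            and re.fullmatch(r.pattern, path)]

def is_allowed(rules, verb, path, user_roles, unmatched_allowed=True):
    """Assumed semantics: every matching rule must be satisfied;
    a request matching no rule follows unmatched_allowed."""
    hits = matching_rules(rules, verb, path)
    if not hits:
        return unmatched_allowed
    return all(r.role in user_roles for r in hits)

def audit(rules, requests):
    """Return (verb, path, roles, decision) rows for a review table."""
    return [(v, p, sorted(roles), is_allowed(rules, v, p, roles))
            for v, p, roles in requests]

if __name__ == "__main__":
    sample = [  # constructed requests
        ("DELETE", "/support/cases/42", {"support-admin"}),
        ("DELETE", "/support/cases/42", {"support-manager"}),
        ("GET", "/support/cases", {"support-manager"}),
        ("POST", "/support/cases", set()),  # no rule covers POST
    ]
    for row in audit(RULES, sample):
        print(row)
```

The last sample row shows what the two rules leave uncovered: a POST matches neither rule, so its outcome depends entirely on how unmatched requests are handled, which is the case a wildcard rule is meant to close.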
Tip: Refer to AUTHORIZATION for a detailed overview of all settings of this policy.