Policy Decision
The PingAuthorize Server provides Authorization Policy Decision APIs to support non-API use cases.
The Authorization Policy Decision APIs consist of the following policy decision point (PDP) APIs:
-
This API provides a standards-based interface.
Standards-based enforcement points request policy decisions based on a subset of the XACML-JSON standard. For more information, refer to XACML 3.0 JSON Profile 1.1.
-
This API provides a simple interface.
The Authorization Policy Decision APIs can indicate when a request or response triggers advice, but the application server must implement the advice.
To make a PDP API available, you must:
-
Configure the PingAuthorize Server with a feature-enabled license during setup.
-
Configure the PDP Service. For more information, refer to Deploy policies in a production environment.
-
For the XACML-JSON PDP API, configure an Access Token Validator. For more information, refer to Access Token Validators.