Fine-grained Authorization for APIs

API Security is top of mind for most enterprises, and APIs are often part of fast-moving customer-facing initiatives. Security is paramount, but it can’t slow down a priority project. That’s where Attribute-Based Access Control (ABAC)  can help. An easy integration with leading API gateways, this extra layer of fine-grained access control allows a policy-based approach to API access control. Using a wide number of attributes, you can tackle even the toughest use cases for enforcing user permissions and governing access to data. This is particularly important if you are exposing business critical or sensitive data via your APIs.

A sample of the common API Gateway Use Cases we have handled:
  • Expose data via APIs securely (secure collaboration)
  • Enable efficient reuse of sensitive information assets
  • Enforce policy-based authorization aligned with business rules
  • Extend the authorization capabilities of API Gateways
  • Remove the need to re-code individual APIs when corporate policies change

Any time there is a need to securely collaborate, while also protecting sensitive data via an API, an ABAC approach is the perfect fit to fine-tune the access control.

The top API gateways we work with regularly:
  • Apigee
  • Amazon API Gateway
  • Axway
  • CA API Gateway
  • IBM Data Power
  • Mulesoft