Dynamic Authorization for the Apigee API Gateway

One of the most common API gateways in the market that Axiomatics customers work with is Apigee. This gateway comes with built-in capabilities for extending the authorization and with that calling an external authorization service. Apigee also has capabilities to be extended using custom coding/development.

Axiomatics and Apigee can be configured to apply authorization on APIs. The information the API call returns can be masked or redacted using different techniques available both in the Axiomatics components and by leveraging the custom development aspects of Apigee. Key takeaways:

  • Core concepts of dynamic authorization for APIs
  • Applying policy-based fine-grained authorization for APIs
  • Policy-based authorization on the data payload returned by an API call, i.e. masking/redaction of data.

We see the need for dynamic authorization on API Gateways for use cases such as n
ew customer portals, augmenting OAuth with ABAC to achieve fine-grained authorization and building microservices and externalizing authorization. If you would like to discuss your use case, please request a demo

Watch on-demand.

Other Resources

Zero Trust Through Dynamic Authorization And Policy Driven Access
Join experts from KuppingerCole Analysts, Ericom and Axiomatics for an interactive discussion on the role of fine-grained access controls in adopting Zero Trust and how best to address that challenge to meet the needs of a hybrid workforce using cloud-based applications and adopting new ways of working, such as DevOps.
The Convergence of Cloud, DevOps and Access Control
Security experts from industry-leading NTT DATA and Axiomatics are making a deep dive into migrating access control to the cloud. Follow the demonstration of how to set up a project for containerization using ALFA and Jenkins.
ABAC as code – Applying Modern DevOps to Policy Authoring
A DevOps approach to externalized business policy engineering can ensure modern CI/CD processes help IT adoption of access control policy authoring.