Protect Microservices, APIs with ABAC, OAuth, OIDC

Attribute Based Access Control (ABAC), OAuth 2.0 and OpenID Connect (OIDC) are complementary standards that can be used individually or in concert to offer comprehensive access control for applications that are built using microservice and API approaches. This document outlines a set of examples where security standards work together in addressing requirements that are difficult […]

KuppingerCole Report – Executive View: Axiomatics Policy Server

The Axiomatics Policy Server (APS) has been named among the leading access control solutions for its outstanding features according to KuppingerCole in this Executive View report. Axiomatics provides a complete enterprise-grade dynamic authorization solution that can address an organization’s breadth of access control needs. APS makes available a suite of tools and services to manage […]

Dynamic Externalized Authorization for the Evolution of the Service-Oriented Architecture – Using ABAC for APIs and Microservices

As opposed to traditional monolithic applications, a (micro)service-based architecture comprises multiple loosely coupled modules (“services”) that serve specific business purposes and communicate over lightweight network protocols. Such services can be developed, deployed and scaled independently on different platforms, which greatly reduces the time needed to bring as new product to market and allows for continuous […]

Axiomatics Policy Management Suite

The Axiomatics Policy Management suite provides a solution for companies wanting to provide fine grained access control to protected resources. This means evaluating a user’s access request, at runtime, against pre-determined policies to either permit or deny the user’s request. Applications then apply the decision. The Axiomatics Policy Suite was featured in this Leadership Compass […]

5 Fast Facts for API Access Control

APIs have become the defacto method for connecting people with data. This is great news for users: access is much smoother and often instantaneous. But for administrators controlling sensitive data, access control is a major headache. With this in mind, we’ve outlined five key API access control facts – along with a little help on […]