Securing APIs and Microservices with ABAC, OAuth, and OIDC

Attribute Based Access Control (ABAC), OAuth 2.0 and OpenID Connect (OIDC) are complementary standards that can be used individually or in concert to offer comprehensive access control for applications that are built using microservice and API approaches. In this webinar, Gerry Gebel and David Brossard outline a set of examples where security standards work together […]

Technical Viewpoint: Protecting Microservices and APIs with ABAC, OAuth, and OpenID Connect

Attribute Based Access Control (ABAC), OAuth 2.0 and OpenID Connect (OIDC) are complementary standards that can be used individually or in concert to offer comprehensive access control for applications that are built using microservice and API approaches. This document outlines a set of examples where security standards work together in addressing requirements that are difficult […]

Dynamic Externalized Authorization for the Evolution of the Service-Oriented Architecture – Using ABAC for APIs and Microservices

As opposed to traditional monolithic applications, a (micro)service-based architecture comprises multiple loosely coupled modules (“services”) that serve specific business purposes and communicate over lightweight network protocols. Such services can be developed, deployed and scaled independently on different platforms, which greatly reduces the time needed to bring as new product to market and allows for continuous […]

Webinar: Externalized Dynamic Authorization in a [Micro]Services World

Externalized Dynamic Authorization in a [Micro]Services World Key Takeaways: Enforcing authorization on the response leg to incorporate characteristics of the resources being protected Utilizing scopes only for what they were intended: delegated consent Filtering data at the Policy Enforcement Point Deploying authorization services as a microservice Fill out the form below to view this webinar.

Axiomatics Primer: OAuth and OpenID Connect

Learn how to approach applying Externalized Dynamic Authorization to an API and/or microservices architecture that uses OAuth 2.0 flows and/or OpenID Connect (OIDC), with this Axiomatics Primer on the basics of OAuth and OpenID Connect.