PingAuthorize

Conclusion

In this tutorial about fine-grained access control, you added anti-spam protections to the Meme Game API by blocking requests that use certain email addresses. In doing so, you learned how to configure PingAuthorize Server to act as a reverse proxy to a JSON API. You then learned how to use the PingAuthorize Policy Editor to create a fine-grained access control policy with rules that take effect based on the access token and body of an HTTP request. You also learned how to test policies and inspect policy requests using the Policy Editor.

You also learned:

  • Gateway API Endpoint names in the PingAuthorize Server configuration must match Trust Framework Service names in the Policy Editor.

  • Policies can pinpoint different API services and HTTP verbs.

  • Policies can PERMIT or DENY transactions based on any combination of attributes.

  • Mock access tokens make testing very easy.

  • Trust Framework attributes obtain their values using resolvers and transform their values using processors.

  • PingAuthorize Server supplies attributes for HTTP metadata, request data, and OAuth 2 access token attributes.

  • You can test policies directly from the Policy Editor.

  • The Policy Editor’s Decision Visualiser gives you a detailed view of recent policy decisions.