Page created: 9 Feb 2021 |
Page updated: 10 Aug 2021
PingAuthorize can control access to a specific resource based on the resource owner's consent to share.
Examples of resources include:
- Health care records shared with a spouse (an individual)
- Banking records shared with a known third party, such as an asset-monitoring tool
- Purchase history shared with an anonymous third party, possibly for improved promotional offers
In this scenario, we continue using the meme games API used in Getting started with PingAuthorize (tutorials). Assume my friend has crafted several funny memes that she wants to share with me. When my browser or app requests her memes, PingAuthorize enforces access based on her consent to share.
We first set up some Trust Framework attributes and services and then create a policy that uses those items to check consent and then permit or deny access. The following topics cover these tasks.