In this tutorial about fine-grained action access control, you added anti-spam protections to the Meme Game API by blocking requests using certain email addresses. In doing so, you learned how to configure PingDataGovernance Server to act as a reverse proxy to a JSON API. You then learned how to use the PingDataGovernance Policy Administration GUI to create a fine-grained access control policy with rules that take effect based on the access token and body of an HTTP request. You also learned how to test policies and inspect policy requests using the Policy Administration GUI.
- Gateway API Endpoint names in the PingDataGovernance Server configuration must match Trust Framework Service names in the Policy Administration GUI.
- Policies can pinpoint different API services and HTTP verbs.
- Policies can PERMIT or DENY transactions based on any combination of attributes.
- Mock access tokens make testing very easy.
- Trust Framework attributes obtain their values using resolvers and transform their values using processors.
- PingDataGovernance Server supplies Attributes for HTTP metadata, request data, and OAuth 2 access token attributes.
- You can test policies directly from the Policy Administration GUI.
- The Policy Administration GUI's Decision Visualiser gives you a detailed view of recent policy decisions.