Archive for Apr 2023

OAuth and Fine-grained Access Control

If you're building an application that allows sharing among its users of whatever resources they build, then you need the fine-grained permissioning that a policy-based access control system provides.
Continue reading...

Minimal vs Fully Qualified Access Requests

By creating fully qualified authorization contexts from minimal requests, a policy information point reduces the burden on developers building or integrating policy enforcement points, allows for more flexible and reusable policies, and enriches authorization contexts to allow more precise access decisions.
Continue reading...