Authorize user

Controls access by allowing only specified users.

The Authorize user policy authorizes the application against a list of users, user groups, and teams registered in IBM API Studio.

In IBM API Studio, this policy is identified by the kind AuthorizeUser.

Example of an Authorize user policy in code view.

kind: AuthorizeUser
apiVersion: api.ibm.com\v1
metadata:
  name: authorizeUser
  version: 1.0
  namespace: sample
  tags:
    - authorizeUser
spec:
  users:
    - default
    - api_developer
    - administrator # users could be anyone
  groups:
    - everybody
    - api-gateway-providers # any group name can be included
  teams:
    - default
    - APITeam # any team name can be included

For the AuthorizeUser policy kind, configure these specifications:

Property Description
spec
  • users. Specifies the users to authorize.
  • groups. Specifies the user groups to authorize. Any group name can be included.
  • teams. Specifies the teams that can access the API. Any team name can be included.