Authorize

Checks whether the authenticated client has the required permissions.

Use the Authorize policy to enforce role-based or permission-based access control before the request reaches the backend.

For more information on the policy parameter descriptions, see DataPower Nano Gateway documentation.

Example of an Authorize policy in code view.

kind: Authorize
apiVersion: api.ibm.com/v1
metadata:
  name: authorize-subscription
  namespace: security
  version: 1.0
spec:
  namespace: ''
  operation:
    subscription: {}
---
kind: Authorize
apiVersion: api.ibm.com/v1
metadata:
  name: authorize-jwt
  namespace: security
  version: 1.0
spec:
  namespace: ''
  operation:
    jwt: 
      issClaim: ''
---
kind: Authorize
apiVersion: api.ibm.com/v1
metadata:
  name: authorize-oauth2
  namespace: security
  version: 1.0
spec:
  namespace: ''
  operation:
    oauth2: 
      issClaim: ''
      requiredScopes:
        - provider: 'oauth provider'
          scopes: 
            - 'read:user'
            - 'write:user'