Authorize
Checks whether the authenticated client has the required permissions.
Use the Authorize policy to enforce role-based or permission-based access control before the request reaches the backend.
For more information on the policy parameter descriptions, see DataPower Nano Gateway documentation.
Example of an Authorize policy in code view.
kind: Authorize
apiVersion: api.ibm.com/v1
metadata:
name: authorize-subscription
namespace: security
version: 1.0
spec:
namespace: ''
operation:
subscription: {}
---
kind: Authorize
apiVersion: api.ibm.com/v1
metadata:
name: authorize-jwt
namespace: security
version: 1.0
spec:
namespace: ''
operation:
jwt:
issClaim: ''
---
kind: Authorize
apiVersion: api.ibm.com/v1
metadata:
name: authorize-oauth2
namespace: security
version: 1.0
spec:
namespace: ''
operation:
oauth2:
issClaim: ''
requiredScopes:
- provider: 'oauth provider'
scopes:
- 'read:user'
- 'write:user'