Administering protected objects and protected object spaces

You can use the administration API to create, modify, examine, list, and delete Verify Identity Access protected objects.

These protected objects represent resources that must be secured to enforce your security policy. You can specify the security policy by applying access control lists (ACLs), protected object policies (POPs), and authorization rules to the protected objects.

Verify Identity Access protected objects exist within a virtual hierarchy known as a protected object space. Verify Identity Access provides several protected object spaces by default. You can use the administration API to define new regions of the protected object space and to define and secure resources that are specific to a third-party application.

This chapter describes the administration API functions that you can use to administer protected object spaces and protected objects.

You must be familiar with protected objects before using the administration API. For an introduction to protected objects, see the chapter about managing protected objects in the IBM Verify Identity Access for Web: Administration Guide.

For an introduction to the use of ACLs, POPs, and authorization rules to secure protected objects, see the chapters about using access control policies, protected object policies, and authorization rules in the IBM Verify Identity Access for Web: Administration Guide.