Authorization service interfaces
Interaction in the authorization service occurs in the management interface and the authorization API.
- Management interface
- The security administrator manages the security policy with the Web Portal Manager or pdadmin command-line
interface to apply policy rules to resources in a domain. The security
policy is managed in the policy database by the policy server.
This interface is complex and involves detailed knowledge of the object space, policies, and credentials.
- Authorization API
- The authorization API passes requests for authorization decisions from the resource manager to the authorization evaluator. The authorization evaluator provides feedback on whether to grant or deny the request.