Layer 7 API Management

Expand all | Collapse all

Authorization

Jump to Best Answer
  • 1.  Authorization

    Posted 17 days ago
    Hello, 

    I have to control user access to certain proxies after receiving the jwt token with the logged in user roles.
    If an unauthorized user tries to access certain proxies, I will configure 403 error response.

    Is it possible to have a Java Map like feature that can store proxy name as key and allowed roles as Value and then using this check in proxies for authorization?

    Is there any other standard procedure?
    Could you please suggest how to implement this change?


  • 2.  RE: Authorization
    Best Answer

    Posted 10 days ago
    Hi.

    Check if the Map Value assertion helps.
    https://docops.ca.com/ca-api-gateway/9-4/en/policy-assertions/assertion-palette/policy-logic-assertions/map-value-assertion

    Another option you can try is Execute Javascript Assertion, building the map using Javascript.
    https://docops.ca.com/ca-api-gateway/9-4/en/policy-assertions/assertion-palette/service-availability-assertions/execute-javascript-assertion

    ------------------------------
    Sr. Consultant Services
    HCL Enterprise Studio
    ------------------------------