Layer7 API Management

  • 1.  Authorization

    Posted Aug 05, 2019 07:14 AM
    Hello, 

    I have to control user access to certain proxies after receiving the JWT token with the logged-in user roles.
    If an unauthorized user tries to access certain proxies, I will configure a 403 error response.

    Is it possible to have a Java Map-like feature that can store the proxy name as key and the allowed roles as value, and then use this check in proxies for authorization?

    Is there any other standard procedure?
    Could you please suggest how to implement this change?


  • 2.  RE: Authorization
    Best Answer

    Posted Aug 12, 2019 11:54 AM
    Hi.

    Check if the Map Value assertion helps.
    https://docops.ca.com/ca-api-gateway/9-4/en/policy-assertions/assertion-palette/policy-logic-assertions/map-value-assertion

    Another option you can try is the Execute Javascript Assertion, building the map using JavaScript.
    https://docops.ca.com/ca-api-gateway/9-4/en/policy-assertions/assertion-palette/service-availability-assertions/execute-javascript-assertion

    ------------------------------
    Sr. Consultant Services
    HCL Enterprise Studio
    ------------------------------
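
The proxy-to-roles map discussed in this thread, sketched as an added example in plain JavaScript; it is not code from either poster or from Layer7, and how values are passed into and out of the Execute Javascript Assertion is not shown. It assumes the gateway has already validated the JWT signature and expiry; the claim name `roles`, the proxy names and the role names are constructed for illustration.

```javascript
"use strict";

// Constructed sample policy: proxy name -> roles allowed to call it.
// A Map (not a plain object) so keys such as "__proto__" or "constructor"
// never resolve to inherited properties.
const ALLOWED_ROLES = new Map([
  ["orders-proxy", new Set(["admin", "sales"])],
  ["reports-proxy", new Set(["admin", "auditor"])],
  ["health-proxy", new Set(["admin", "sales", "auditor", "user"])],
]);

// Normalize the roles claim (claim name "roles" is an assumption).
// Issuers emit either an array or a space/comma separated string;
// anything else yields no roles.
function extractRoles(claims) {
  const raw = claims && claims.roles;
  let list = [];
  if (Array.isArray(raw)) list = raw;
  else if (typeof raw === "string") list = raw.split(/[\s,]+/);
  return list.filter((r) => typeof r === "string" && r.length > 0);
}

// Returns the HTTP status to send: 200 when allowed, 403 otherwise.
// Deny by default: unknown proxy, missing claim, or no matching role.
// Role comparison is exact and case-sensitive.
function authorize(proxyName, claims, policy = ALLOWED_ROLES) {
  const allowed = policy.get(proxyName);
  if (!allowed) return 403;
  const roles = extractRoles(claims);
  return roles.some((r) => allowed.has(r)) ? 200 : 403;
}

// Constructed claims, as they would look after token validation.
const sampleClaims = { sub: "jdoe", roles: ["sales", "user"] };
console.log("orders-proxy:", authorize("orders-proxy", sampleClaims));
console.log("reports-proxy:", authorize("reports-proxy", sampleClaims));
```

A proxy that is missing from the map is rejected rather than allowed, so adding a new proxy without a policy entry fails closed.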