Beyond usernames and passwords, how do you ensure that resources, APIs, and systems get the right amount of protection they need? Enter Authorization and Access Control.
Try WSO2 Identity ServerAccess control enables an organization’s administrators to control or restrict access to an organization’s resources, APIs and systems to ensure that access is provided to the right users at the right time. It is based on roles, attributes, on the administrator’s discretion, or if mandatory access is required.
This can be further illustrated as:
Fine-grained access control is enabled by XACML (extensible Access Control Markup Language). It is a commonly known industry standard and an XML-based language that helps to express and enforce policies on access control.
Secures the access provided to your resources
Maintains an audit log of all user activity
Prevents data breaches and mitigates security risks
Increases accessibility
Flexibility to grant different levels of access to different user groups
Improves user experience
WSO2 Identity Server provides role-based and attribute-based access control based on XACML to control access policies for users. It also provides the capability for administrators to review permissions provided to users based on the privileges assigned to them.