Chapter 9. Entitlements

In this chapter we start by introducing common models for designing entitlements and access control policies. We then discuss how to evolve your access control mechanisms with an entitlement management system that ensures APIs grant users the right entitlements at the right time, consistently and at scale, with the help of the OAuth access token. To put the theory into practice, we look at Open Policy Agent and the features that are relevant to an entitlement management system. Finally, we tie the pieces together in an end-to-end example.

Access Control Models

Access control (also known as authorization) is a security primitive that determines who can access what, in which way, and in which context. It distinguishes between the subject, that is, the entity requesting access, and the object, that is, the protected resource, such as a user's order history ...
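To make the four ingredients of an access control decision concrete, the following is an added illustration (not code from the book): it derives the subject from the claims of an already-validated OAuth access token, models the object as an order-history record with an owner, takes the action from the API call, and treats token audience and expiry as context. The claim names (sub, scope, aud, exp) follow OAuth/JWT conventions; the resource shape, the scope names and the policy rules are assumptions made for the example, and the token claims are constructed sample input.

```python
from dataclasses import dataclass
from typing import Tuple

# Added example, not the book's code. The policy rules and scope names below
# are assumptions chosen to illustrate subject / object / action / context.


@dataclass(frozen=True)
class Subject:
    """The caller, as established from a validated OAuth access token."""
    sub: str
    scopes: frozenset
    aud: frozenset


@dataclass(frozen=True)
class Resource:
    """The protected object, here a customer's order history."""
    kind: str
    owner_id: str


@dataclass(frozen=True)
class Context:
    """Request context that is neither subject nor object."""
    api_audience: str   # identifier of the API receiving the request
    now: int            # current time as a Unix timestamp
    token_exp: int      # 'exp' claim of the presented token


def subject_from_claims(claims: dict) -> Subject:
    """Map token claims to a Subject. 'scope' is space-separated in OAuth;
    'aud' may be a single string or a list, so normalise both."""
    aud = claims.get("aud", [])
    if isinstance(aud, str):
        aud = [aud]
    return Subject(
        sub=claims["sub"],
        scopes=frozenset(claims.get("scope", "").split()),
        aud=frozenset(aud),
    )


# Assumed mapping from the requested action to the delegated scope it needs.
REQUIRED_SCOPE = {"read": "orders:read", "write": "orders:write"}


def decide(subject: Subject, action: str, resource: Resource,
           ctx: Context) -> Tuple[bool, str]:
    """Default-deny policy decision. Every check that is not explicitly
    satisfied results in a denial with a reason suitable for an audit log."""
    # Context: the token must be meant for this API and still be valid.
    if ctx.api_audience not in subject.aud:
        return False, "token not issued for this API"
    if ctx.now >= ctx.token_exp:
        return False, "token expired"
    # Action: the delegated scope must cover what the caller wants to do.
    needed = REQUIRED_SCOPE.get(action)
    if needed is None or needed not in subject.scopes:
        return False, f"scope {needed!r} missing"
    # Object: a customer may only access their own order history.
    if resource.kind == "order_history" and resource.owner_id != subject.sub:
        return False, "not the owner of this resource"
    return True, "allowed"


# Constructed sample token claims (already validated upstream in this scenario).
SAMPLE_CLAIMS = {"sub": "alice", "scope": "orders:read",
                 "aud": "orders-api", "exp": 2000}


def run_examples() -> dict:
    """Evaluate a few requests against the sample token and return the decisions."""
    subject = subject_from_claims(SAMPLE_CLAIMS)
    ctx = Context(api_audience="orders-api", now=1000,
                  token_exp=SAMPLE_CLAIMS["exp"])
    own = Resource("order_history", "alice")
    other = Resource("order_history", "bob")
    return {
        "read_own": decide(subject, "read", own, ctx),
        "read_other": decide(subject, "read", other, ctx),
        "write_own": decide(subject, "write", own, ctx),
        "wrong_api": decide(subject, "read", own,
                            Context("billing-api", 1000, 2000)),
        "expired": decide(subject, "read", own,
                          Context("orders-api", 3000, 2000)),
    }


if __name__ == "__main__":
    for name, (allowed, reason) in run_examples().items():
        print(f"{name:11s} -> {'ALLOW' if allowed else 'DENY '} ({reason})")
```

The ordering of the checks matters in practice: context checks (audience, expiry) come first so that a token replayed against the wrong API is rejected before any business rule is consulted, and every branch returns a reason so denials can be explained in audit logs without leaking the policy itself to the caller.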
