book

Solving Identity Management in Modern Applications: Demystifying OAuth 2.0, OpenID Connect, and SAML 2.0

by Yvonne Wilson, Abhishek Hingnikar

December 2019

Intermediate to advanced

323 pages

7h 31m

English

Apress

Content preview from Solving Identity Management in Modern Applications: Demystifying OAuth 2.0, OpenID Connect, and SAML 2.0

Y. Wilson, A. HingnikarSolving Identity Management in Modern Applicationshttps://doi.org/10.1007/978-1-4842-5095-2_8

8. Authorization and Policy Enforcement

Yvonne Wilson¹ and Abhishek Hingnikar²

(1)

San Francisco, CA, USA

(2)

London, UK

A people that values its privileges above its principles soon loses both.
—Dwight D. Eisenhower, 34th president of the United States, from first inaugural address

The previous chapters covered the mechanics of authorizing an API call and authenticating a user. This chapter will discuss authorization vs. the enforcement of access policy and how identity protocols can be used to help implement them.