ACP integration

Learn what are the possibilites for integrating Authorization Control Plane (ACP) with a variety of identity providers (IDPs) and API gateways/enforcement providers.

ACP integration in a nutshell

ACP gives you freedom of choosing your own identity provider and enforcement providers to create a secure ecosystem that is all about the security of your applications and APIs.

ACP integration simplified diagram


ACP provides you with enterprise connectors for major cloud identity providers that are SAML or OIDC based. You can choose from one of the following:

  • Cloud Identity Plane

  • Okta

  • OpenID Connect

  • SAML

  • Microsoft Azure AD

  • Microsoft Azure AD B2C

  • Amazon Cognito

  • GitHub

  • IntelliTrust

You can also build your custom non-OIDC or non-SAML IDP connection.

Choosing one of the IDPs over the other gives you no additional benefits as Cloudentity believes strongly in an IDP agnostic approach. You can integrate any of the IDPs that you use with ACP. Whatever IDP you choose is completely opaque for consuming applications. Additionally, if your ACP is up and running and the applications are integrated with an IDP, you can switch their identity provider in a matter of minutes.

Read more

Read more about the concept of Bringing Your Own Identity Providers (BYOID).


Use one or more of API Gateways / Enforcement solutions that are available to be integrated with ACP:

In addition, ACP provides you with the MicroPerimeter™ Authorizer, which encapsulates microservices allowing a secure means of protecting your East/West traffic without compromising speed. MicroPerimeter™ Authorizer provides service-to-service identity, API security and fine-grained authorization for the protected services by being as close to the service as possible.

If you work in a distributed applications system and a multi-tenant environment, ACP gives you an opportunity to protect your multi-tenant APIs using multi-tenant authorizers that are responsible for the API protection for a number of tenants. To learn more, read the Multi-tenant authorizers documentation.