ACP Overview

Get familiar with the Authorization Control Plane (ACP) product. Learn about its most important concepts, features and capabilities.

What ACP is

Cloudentity ACP is a cutting edge platform for application and API access control. ACP consolidates the capabilities of a modern OAuth/OIDC server with advanced authorization, governance, consent management, and developer enablement features.

ACP enables modern applications to maintain a Zero Trust Policy by ensuring that contextually aware authorization happens for any API, service, or transaction. It keeps your users and data secure.

ACP preview

Flagship capabilities

Among all of the features of a modern platform for the Application and API access control, some of the ACP capabilities are especially worth a highlight:

  • Open Banking / Open Data compliance

    Emerging financial enablement regulations differ among regions of the world. Cloudentity adopted the unique approach to accelerate and navigate between different regional Open Banking standards. ACP methodology is based on the regional Security Profiles that codify the standards implementations and Security Policy Packs that allow users to select the policies that apply to them.

    ACP Open Banking capabilities preview

  • Fine-grained and externalized Dynamic Authorization for your applications and services

    Use ACP as your authorization provider to protect your APIs and services.

  • Native integration with Service Meshes and API Gateways

    Cloudentity ACP delivers an out of the box integration with various Service Meshes, for example, Istio, and API Gateways like Istio, Pyron Authorizer, AWS Gateway, and more.

  • Consent and Privacy management enabling Zero Trust for Consumers

    ACP as a service provider gives your users control over their personally identifiable information (PII) with a proper granularity. You can enhance the privacy of your users by setting up a proper policy structure that ensures the highest security level possible.

  • API discovery

    Aggregate where your web services and web APIs are located and centralize their location in one place to be able to have full control over your APIs security.

  • Identity Hub

    ACP gives you freedom of choosing your own identity provider. It provides you with enterprise connectors for major cloud IDPs that are SAML/OIDC based. You can also build your custom non-SAML and non-OIDC integration.

  • Data classification

    Classify your APIs, consent actions, or services by using the data classification tags to have more control over your data at the lowest granularity possible.

Where it fits

To fully understand the way Authorization Control Plane operates, you have to know where it fits in the world of dynamic authorization.

Hybrid Cloud environment

ACP acts as a bridge between your authentication provider (for example, Okta, OpenID, SAML) and API consuming applications. It is a safeguard of your APIs and user data. It provides identity policy automation and authorization governance for the Zero Trust policy between applications, services, users, developers and data.

What it provides

With ACP, Cloudentity provides you with:

  • Three deployment types:

    • On-prem with Kubernetes and/or Docker

    • On-prem with Linux packages

    • Hybrid SaaS with ACP running as a service and with a distributed MicroPerimeter authorizer.

  • Modern authorization server with:

    • Latest OAuth2.0/OIDC and related specification support (FAPI, PKCE, and more)

    • Preconfigured workspace templates that enable quick and easy setup for specific configuration patterns. For example, you can instantly create an Open Banking compliant workspace that has all of the required mechanisms and settings already in place.

    • Third Party developer involvement with the developer self-service portal to create and secure applications quickly and efficiently.

    • Ultra-scalable and lightweight performance

    • Built-in multitenancy

  • and more!

Read more

You can find a list of ACP features with more details provided on each ACP capability in the Features section of the documentation.

What is next

Now that you know the basics about Authorization Control Plane, you can either proceed to our more detailed documentation or jump into development to get your hands a little dirty setting up a demo environment. To learn how to do this, see the Quick Start guides