- Authorization Control Plane
- Open Banking
-
Features
- OAuth
- Workspaces
- Tenants
- Data Lineage
- Policies
- Services
- User portals
- Secrets management
- Privacy
- BYOID
- Access Control for Devices
- IDP discovery
- Authorization for GraphQL
- Dynamic scopes
- Extensions
- Stateful authZ
- Standalone Authorizer
- AuthZ for Istio
- AuthZ for Kong
- Keys management
- Search and filters
- Multi-tenant authorizers
- Transactional MFA
- Audit events
-
Guides
- Quick start
- Workspace administrator
-
Developer
- Encryption
- mTLS client
- DCR
- API security
- Extensions
-
Open Banking
- Custom consent for OB UK
- CDR Arrangement Amendment
- CDR Consumer Consent Withdrawal
- CDR ADR Client Management
- CDR DH API protection
- Implementing OB Brazil consent pages
- CDR consent app
- CDR consumer dashboards
- Enabling custom consent
- Integrating custom consent
- OB DCR
- Setting AMR and ACR claims
- Use reference consent self-service and admin portals
- Authorization Service APIs
- Identity Service APIs
- External services APIs
Protecting endpoints and controlling access
Protecting applications
Instructions on protecting applications
Access control
Instructions on how to restrict access by using policies and scopes
Protecting APIs on the AWS gateway
Instructions on configuring the AWS gateway to protect your APIs
Apigee Gateways
Learn how to you can discover and protects APIs deployed behind two different gateways: Apigee X and Apigee Edge.
Protecting APIs on Azure API Gateway
Learn how to protect your APIs deployed behind the Azure API Gateway. Configure your {{< product-name acp >}}’s Azure Authorizer to adjust its configuration to your needs.
Protecting APIs on Istio
Protecting APIs on Istio
External API authorization
ACP Standalone Authorizer gives you a possiblity to connect your internal API gateway to a locally deployed ACP authorizer for externalized access control. Learn how to implement authorization for your APIs.
Protecting APIs deployed behind the Pyron API Gateway
Learn how to apply access control enforcement for APIs deployed behind the Pyron API Gateway.
Protecting APIs exposed on Kong API Gateways
Learn how to apply access control to protect APIs deployed behind Kong API Gateways. Install necessary plugins in your Gateway. Deploy ACP’s Kong Authorizer to enforce policies applied to your discovered APIs.
Protecting applications and APIs using Signal Sciences metrics
Instructions on how to configure policies to protect your API and applications using Signal Sciences controls
Protecting applications and APIs in ACP using Open Policy Agent
Instructions for developers on how to use Rego policies to protect APIs and applications in ACP.
Protecting data with the use of dynamic scopes
Instructions on how to configure dynamic scopes and use them as an authorization asset
Protecting applications and APIs with policies using dynamic scopes
Instructions on how to configure a policy verifying dynamic scopes and use them as an authorization asset
Protecting multi-tenant APIs
Learn how to protect multi-tenant APIs using multi-tenant authorizers for on-premise deployments. Get information how to configure your multi-tenant authorizer and how to set global authorization policies. Learn how to add your tenant-specific authorization policies.
Using third-party access tokens for access control
Learn how you can provide third-party access tokens and utilize ACP’s authorizers capability to exchange external tokens for internal access tokens that are used to authenticate your access to protected APIs or services.