Workspace administrator guides

Configuring ACP tenants
Configure your tenant, including workspaces, MFA settings, branding, and authentication context.
Managing workspaces
Instructions on how to set up and configure workspaces in ACP
Connecting identity providers to ACP
Methods of connecting users, developers, and administrators to ACP
Assigning data classification tags to APIs
Instructions on how to configure APIs with data classification tags
Configuring claims for ID tokens and access tokens
Authorization Control Plane (ACP) allows you to set up claims to be passed with tokens issued by your authorization server. You can define claims to be added either using IDP-mapped authentication context or OAuth client application attributes (including application metadata).
Configuring ACP with OneLogin as an identity provider using the SAML federation
Instructions on configuring ACP with OneLogin as an identity provider using the SAML federation
Exporting and importing ACP tenants configuration
Learn how to export and import ACP tenant’s configuration using API and built-in ACP command line interface (CLI), which is available for on-premise deployments. You can move tenants' configuration between your different ACP deployments, or use it for configuration automation. You can also export and import the entire ACP configuration for all tenants.
Protecting scopes with access policies
Learn how to configure a policy and use it for restricting access.
Enabling token endpoint authentication methods for your workspace
Instructions on how to enable specific token endpoint authentication methods for your apps in the ACP workspace
Configuring ACP to verify the client mTLS authentication
Learn how to configure Authorization Control Plane so that it verifies client application’s root certificates instead of the system root certificates in case the mTLS client authentication method is enabled.