Cloudentity Authorization Control Plane (ACP) comes with flexible built-in administration capabilities both via UI and API set.
Administrator is usually an owner of the ACP product, a member of the security or infrastructure team responsible for the API enablement and the API access control. Also, an API product owner can be delegated to overlook the protection and exposure of APIs as a tenant administrator in ACP.
Technically, the administrator is a user connected to the system workspace.
You can configure who can act as an administrator using ACP BYOID. By supporting various OAuth and OIDC flows, ACP can be integrated with all kinds of applications, including web, mobile, backend, IoT.
The tenant administrator can create and manage
- Workspaces with corresponding authorization servers (including developer and system workspaces),
- Sources of identity for each workspace,
- Protected services and scopes,
- Authorization policies,
- Privacy and consent settings for the tenant,
- Custom claims and mappings.
ACP comes with the administrator portal, which allows administrators to control critical aspects of the API protection, authorization, and the API integration with client applications.
All features for administrators are available in the portal UI
https://acp-hostname/default/admin) and can be also accessed via admin
The left sidebar of the portal allows you to
Switch between System, Developer, and Consumer to configure settings for specific roles.
Preview Identities to configure your identity connections so that the users can sign in with them.
Go to Services, where you can create your services with scopes.
Explore Polices, which is for creating and defining your authorization policies for users roles and access.