Use IDM managed objects in policy decisions

This topic has 0 replies, 1 voice, and was last updated 7 months, 1 week ago by AjitRaviASX.

  • Author
    Posts
  • #27594
     AjitRaviASX
    Participant

    Hi All,

    We have a complicated data model of objects within IDM. Which contains many relationships among different managed objects. We have configured AM which is integrated with IDM and would like to use AM to invoke authorization policies.

    I have 2 questions;

    1. How we can use IDM’s data in authorization policy? The complication is we need to orchestrate different IDM’s API calls and would like to avoid going back and forth from AM to IDM. Is there a way we can combine results of different API queries in one call?
    2. What are the recommendations for Fine grained authorization vs Coarse grained Authorization in terms of who should do it. Should AM do both or we split the responsibilities between application and AM? There is an API gateway between application and Forgerock components.

    Thanks,
    Ajit Ravi

Viewing 1 post (of 1 total)

You must be logged in to reply to this topic.

©2020 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?