CPC H04L 63/20 (2013.01) [H04L 63/0263 (2013.01); H04L 63/08 (2013.01); H04L 63/101 (2013.01); H04L 63/102 (2013.01); H04L 63/104 (2013.01); H04L 67/133 (2022.05)]
19 Claims
1. A method for authorizing an application programming interface (API) call made for a particular user to access a particular service, the method comprising:
receiving an authentication first policy that defines a set of one or more users of a system providing one or more services including the particular service, the set of one or more users comprising the particular user;
receiving an authorization second policy that defines access to the particular service by the set of one or more users;
generating an authorization third policy for defining access to the particular service by the set of one or more users by combining the first and second policies;
receiving a query regarding access through an API to the particular service for the particular user; and
using the third policy to provide a response to the query that describes whether the particular user is allowed to access the particular service through an API call.