AuthZEN Working Group - Specifications
AuthZEN will focus on specific areas of interoperability by documenting common authorization patterns, define standard mechanisms, protocols and formats for communication between authorization components, and recommend best practices for developing secure applications. AuthZEN Working Group
OVERVIEW
AuthZEN Working Group
CHARTER
AuthZEN Working Group
SPECIFICATIONS
AuthZEN Working Group
REPOSITORY
Final Specifications
- Authorization API 1.0 – the Authorization API enables Policy Decision Points (PDPs) and Policy Enforcement Points (PEPs) to communicate authorization requests and decisions to each other without requiring knowledge of each other’s inner workings.
Implementer's Drafts
- AuthZEN 1.0 version 01 – First Implementers Draft that defines the API for a Policy Enforcement Point requesting an authorization decision from a Policy Decision Point
Drafts
- AuthZEN 1.0 current working draft
- AuthZEN 1.0 draft 03 – Adds the subject, resource, and action search APIs
- AuthZEN 1.0 draft 02 – Adds the evaluations endpoint to support boxcarred requests
- AuthZEN 1.0 draft 01 – First Implementer’s Draft – specifies the evaluation endpoint
- AuthZEN 1.0 draft 00 – Initial draft that was the target for the Identiverse 2024 interop. Superseded by the Implementer’s Draft.