This documentation is for WSO2 Identity Server 5.1.0. View documentation for the latest release.
Configuring the Policy Administration Point - Identity Server 5.1.0 - WSO2 Documentation
||
Skip to end of metadata
Go to start of metadata

The Policy Administration Point (PAP) is the system entity that creates a policy or policy set and manages them. WSO2 Identity Server can act as a PAP that provides comprehensive support on managing policies.

A XACML policy has a clearly identifiable life cycle inside a PAP.

Following is an illustartion of the life cycle within WSO2 Identity Server.

  1. We can create XACML policies using the provided editors.
  2. Once we are satisfied with the policy we have wrote we can evaluate that for expected behavior with sample requests without putting the policy into action in PDP.
  3. If there are any correction to be made, we can still do that. At this point Identity Server will automatically keep versioning the policy so that we can go back to a previous version of the policy.
  4. Once above cycle comes to an end with a policy that is throughly tested and cater for expected behavior, we can publish it to PDP.
  5. Then we have view what are the policies available in the PDP and enable them as desired.

The following topics provide instructions on how to configure the PAP.