This documentation is for WSO2 Identity Server 5.4.0 . View documentation for the latest release.

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

By this time we have an XACML policy created. In order to use this policy in authorization in Identity Access Management(IAM), we need to publish it to the Policy Decision Point(PDP). During policy publishing, the policy in the Policy Administration Point(PAP) policy store will sync up with PDP policy store. The PDP is the place where authorization decision is taken. The PDP will access one or more policies in the Policy Administration Point(PAP) and other additional information such as subject, resource, action and environmental resources in Policy Information Point(PIP) to get the decision. Furthermore, this policy will not enforce unless it is published. (Read more about XACML Architecture)

You can publish a XACML policy to PDP for runtime evaluation using the instructions in this topic.

...