Overview of the API Access Control

ISAM provides many capabilities which can be configured independently to protect a RESTful API. The following are capabilities that are included:

• Junctions
• Access Control Lists (ACLs)
• Protected Object Policy (POP)
• HTTP Transformation Rules
• Rate Limiting Policy
• Static Response Headers
• OAuth Validation

The API Access Control component provides a simple way for these various capabilities to be configured in order to protect a RESTful API. The following diagram shows a high level overview of the flow of a request when the API Access Control has been configured.

• Components
  
• Authorization
  
• Resource Servers
  
• Resources
  
• Resource Documentation
  
• Resource Access Policies
  
• Cross-Origin Resource Sharing (CORS) Policies
  
• Configuration Auditing
  

Parent topic: API Access Control