Application context information

Authorization rules might require application context information to complete an evaluation. Context information includes information that is not an entitlement but is specific to the current transaction or operation.

An example is a transaction amount, such as purchase price or transfer amount. This information is passed to the decision through the app_context attribute list of the azn_decision_access_allowed_ext() call. Security Verify Access WebSEAL also uses this mechanism to pass the values of certain HTML tags and HTML request data (from a get or post request) into the access decision for use in a rule evaluation.

Parent topic: Sources for retrieving ADI