permit-unauth-remote-caller

Whether authorization API clients must be authorized by the authorization server before their requests are processed.

permit-unauth-remote-caller= {true|false}

Specification of Whether authorization API clients must be authorized by the authorization server before their requests are processed.

Options

true

Authorization API clients are not authorized. Attention: Specifying true exposes the policy database in the domain for all clients to read, not just those clients that were properly authorized with membership in the remote-acl-users group. Depending on the policy within the domain security, system planners must consider the ability for any client to read system-defined policy to be a security problem.

false

Authorization API clients are authorized.

Usage

Optional

Default value

false

Example

permit-unauth-remote-caller= false

Parent topic: [ivacld] stanza