[aznapi-pac-services] stanza

A PAC services plug-in gives authorization API applications the ability to move Security Verify Access credentials back and forth between the native Security Verify Access credentials format and an alternate format called privilege attribute certificate (PAC).

Each PAC services plug-in is a stand-alone module that is dynamically loaded into the authorization service.

Identity information can be obtained from a PAC. Applications can convert user credentials to PACs for use within other authorization domains. Applications can then pass the PACs to a server in another authorization domain and do an operation. The stanza entries for configuring Security Verify Access PAC services plug-ins are declared in the [aznapi-pac-services] stanza of each of these configuration files provided by ISAM:

• The configuration file for configured PAC services plug-ins for your resource managers

The aznAPI.conf configuration file is provided with ISAM as a sample file for creating our own resource manager configuration file. Developers of service plug-ins typically provide the standard functions. Before implementing service plug-ins, read and thoroughly understand the concepts in the Authorization C API Developer Reference.

• service-id
  This stanza entry defines the authorization API service for the ISAM privilege attribute certificate (PAC) encoding service.

Parent topic: Configuration file stanza reference