Overview
This release contains a minimal code sample that exposes a REST endpoint to receive incoming AuthZEN requests. It converts each request to a dense XACML REST/JSON request (dense meaning the shorthand notation for XACML categories, e.g. AccessSubject, rather than the generic URL-based form), sends it to a PDP (Axiomatics in this example), and gets a XACML response back. It then converts the decision into a boolean (Permit becomes true, the rest is false), wraps it as an AuthZEN response, and sends it back to the requester.
Sample Input
Please refer to the Postman collection for samples.
Sample AuthZEN Request
{
  "subject": {
    "identity": "CiRmZDA2MTRkMy1jMzlhLTQ3ODEtYjdiZC04Yjk2ZjVhNTEwMGQSBWxvY2Fs"
  },
  "action": {
    "name": "can_read_user"
  },
  "resource": {
    "type": "user",
    "userID": "beth@the-smiths.com"
  }
}
Sample AuthZEN Response
{ "decision": true }
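The two conversions described in the overview, as an added Python sketch that is not the code shipped in this release. The attribute ids of the form "<section>.<key>" and the rule that exactly one XACML result is expected are assumptions; the point to note is that anything other than a well-formed Permit yields false.

```python
import json

# Assumption: each AuthZEN section maps to this XACML shorthand category.
CATEGORIES = {"subject": "AccessSubject", "action": "Action", "resource": "Resource"}

# The sample AuthZEN request from this page.
SAMPLE = {
    "subject": {"identity": "CiRmZDA2MTRkMy1jMzlhLTQ3ODEtYjdiZC04Yjk2ZjVhNTEwMGQSBWxvY2Fs"},
    "action": {"name": "can_read_user"},
    "resource": {"type": "user", "userID": "beth@the-smiths.com"},
}


def authzen_to_xacml(authzen):
    """Build a dense XACML JSON request from an AuthZEN request body."""
    request = {}
    for section, category in CATEGORIES.items():
        attrs = authzen.get(section) if isinstance(authzen, dict) else None
        if not isinstance(attrs, dict) or not attrs:
            raise ValueError(f"AuthZEN request has no usable '{section}' object")
        # Assumption: attribute ids are "<section>.<key>"; real policies
        # define their own attribute ids.
        request[category] = [{"Attribute": [
            {"AttributeId": f"{section}.{key}", "Value": value}
            for key, value in attrs.items()
        ]}]
    return {"Request": request}


def xacml_to_authzen(xacml_response):
    """Permit becomes true; any other or unreadable result becomes false."""
    decision = None
    if isinstance(xacml_response, dict):
        results = xacml_response.get("Response")
        if isinstance(results, dict):  # tolerate a single unwrapped result
            results = [results]
        # Assumption: exactly one result is expected for one request.
        if isinstance(results, list) and len(results) == 1 \
                and isinstance(results[0], dict):
            decision = results[0].get("Decision")
    return {"decision": decision == "Permit"}


if __name__ == "__main__":
    print(json.dumps(authzen_to_xacml(SAMPLE), indent=2))
    for body in ({"Response": [{"Decision": "Permit"}]},
                 {"Response": [{"Decision": "Indeterminate"}]},
                 {"error": "PDP unavailable"}):
        print(body, "->", xacml_to_authzen(body))
```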