Authorization as a Service

Identity-aware authorization at cloud-scale


Decouple Authentication from Authorization: accelerate and future-proof your development efforts by breaking the dependency between applications and data sources

Identity Hub: Aggregate & Normalize Identity data from multiple sources

Identity from Any Provider
Authentication Temp Image

Access Control

Future-proof, open-standard based application integration: OAuth2 or OIDC

RBAC/ABAC/PBAC: Perform Role, Attribute & Permission Based Access Control based on information from identity sources

Transactional MFA: Prompt users for step-up authentication for authorization to sensitive data or services

Open-standard Based Application Integration
Access Control Temp Image

Data Control

Smart Tokens: Data-level governance to control data distribution to applications

Consent Ledger: Fine-grained consent grants put users in control of their PII and how it is distributed

Partner Data Sharing: Enable data sharing with Partners

Delegated Administration: Multi-level policy management for admins, 3rd party developers and partners

Data Control Temp Image

Adaptive Enforcement

Dynamic Authorization Policies: Perform risk-aware authorizations that consider transaction payloads and API invocation characteristics

Automated Workload Discovery & Orchestration to Achieve Zero-Trust: Broad support for API Gateways as well as deep integration and service identity for modern application backends running on K8s and service meshes

Policies as Code: Unified policy language authored visually or via JSON, OPA/Rego and JavaScript

Adaptive Enforcement
Int Control Temp Image
Cloud Identity Management