Protecting Applications with the Use of Developers Metadata

Instructions on how to protect an application using details about the developer who created it

Note

Developer metadata can be used for validating policies. For example, you can block scope assignment to an application created by a developer identified by specific metadata.

Prerequisites

  • You can log in to Cloudentity as an administrator.
  • You have at least one application in Cloudentity.

Create App Metadata

  1. In the workspace, select Applications > Clients from the sidebar.

  2. Select the application whose metadata you want to add or review.

  3. In the application view, select the Metadata tab.

  4. In the Metadata view, navigate to Developer metadata and review or add content.

    Result

    You now know the details of the developer who created the application and can use this data in your policies.

Create Policy

  1. Create a Cloudentity user or machine-to-machine policy as described in Creating a policy in the Cloudentity policy editor.

  2. In the policy generating engine, select ADD VALIDATOR.

  3. From the fly-out Add new validator pane, select Developer.

  4. In the Developer validator, select ADD FIELD.

  5. In the Cross context condition editor, select an attribute for the developer context from the drop-down list, for example URL of the webpage.

    Note

    You can also define your own attribute by selecting Custom value from the top of the list of predefined attributes.

  6. Continue the validator setup in the Cross context condition editor:

    1. Select an attribute operator, for example, equals.
    2. Enter a value (target) for your attribute that would validate the policy, for example, https://example.com/.
    3. Select SAVE to complete the field setup.

  7. Select the OK icon in the top right corner when you’re done adding fields.

  8. When you’re done adding validators, select SAVE to complete the policy setup.

Result

Your policy validating developer metadata is ready to be used.

Next Steps

Use the developer metadata for various authorization operations on third-party applications in Cloudentity. See, for example, Protecting scopes with access policies as a reference.

Updated: Jul 11, 2022