API Gateway 10.3 | Using API Gateway | Policies | System-defined Stages and Policies | Identify and Access | Authorize User
 
Authorize User
This policy authorizes applications against a list of users, a list of groups, or users who belong to LDAP group registered in API Gateway.
Note:
LDAP groups cannot be authorized using the List of Groups configuration option. To authorize a user who belongs to an LDAP group, you must first create an access profile containing one or more LDAP groups and then authorize the user using List of Access Profiles configuration option in this policy.
Use this policy in conjunction with an authentication policy (for example, Require HTTP Basic Authentication, Require WSS Username Token).
The table lists the properties that you can specify for this policy:
Parameter
Description
List of Users
Authorizes applications against a list of users registered in API Gateway.
Type a search string, select a user, and click to add. You can add more users in a similar way.
Click to delete the user added.
List of Groups
Authorizes applications against a list of groups registered in API Gateway.
Type a search string, select a group, and click to add. You can add more groups in a similar way.
Click to delete the group added.
List of Access Profiles
Authorizes applications against a list of access profiles registered in API Gateway.
Type a search string, select an access profile, and click to add. You can add more access profiles in a similar way.
Click to delete the access profile added.