API Gateway 10.5 | Using API Gateway | Policies | System-defined Stages and Policies | Identify and Access | Authorize User
 
Authorize User
This policy authorizes incoming requests against a list of users, a list of groups, or users who belong to LDAP groups registered in API Gateway.
Note:
LDAP groups cannot be authorized using the List of Groups configuration option. To authorize a user who belongs to an LDAP group, you must first create a team containing one or more LDAP groups and then authorize the user using List of Teams configuration option in this policy.
Use this policy in conjunction with an authentication policy (for example, Require HTTP Basic Authentication, Require WSS Username Token).
The table lists the parameters of this policy and how they are applied to authorize the incoming requests.
Parameter
Description
List of Users
Authorizes applications against a list of users registered in API Gateway.
Type a search string, select a user, and click to add. You can add one or more users.
Click to delete the user added.
List of Groups
Authorizes applications against a list of groups registered in API Gateway.
Type a search string, select a group, and click to add. You can add one or more groups.
Click to delete the group added.
List of Teams
Authorizes applications against a list of teams registered in API Gateway.
Type a search string, select a team, and click to add. You can add one or more teams.
Click to delete a team.