Microgateway 10.5 | webMethods Microgateway Help | Policies | Identify and Access | Authorize User
 
Authorize User
This policy authorizes incoming requests against the list of users in the users.cnf file in Microgateway, or the list of users in the users.cnf file in API Gateway, or against the list of users, groups or LDAP groups configured in API Gateway. This authentication happens depending on the setting user_auth configured in Microgateway and the authentication configuration in API Gateway. For details, see User Identification to Support Identity and Access Management Policy.
Use this policy together with an authentication policy (for example, Require HTTP Basic Authentication).
The table lists the parameters of this policy and how Microgateway applies them to authorize the incoming requests.
Parameter
Description
List of Users
Authorizes incoming requests against a list of users configured in Microgateway in the users.cnf file.
List of Groups
Authorizes incoming requests against a list of groups configured in this policy.
This is performed by delegating the authorization to API Gateway to verify if the user identified from the request belongs to any groups configured in the policy. The delegation to API Gateway is achieved when the property user_auth is set as delegated. When the property user_auth is not set as delegated, the policy executes this condition as false.
Note:
You cannot use the List of Groups configuration option to authorize the LDAP groups.
List of Access Profiles
Authorizes incoming requests against a list of access profiles configured in this policy.
This is performed by delegating the authorization to API Gateway to verify if the user identified from the request belongs to any access profiles configured in the policy. The delegation to API Gateway is achieved when the property user_auth is set as delegated. When the property user_auth is not set as delegated, the policy executes this condition as false.