This repository has been archived by the owner on Dec 5, 2023. It is now read-only.
Alvaro Villanueva edited this page Nov 14, 2022 · 7 revisions

Getting started ⚡️

PDP Preparation

Container

The PDP Service is packaged and delivered as a Docker container.

You can either

👷‍♀️ Build and deploy your own PDP Service

or

🚢 Use the latest release version available on Docker Hub as eoepca/um-pdp-engine:latest

In this guide, we assume a locally packaged Policy Decision Point (PDP), so we refer to the Docker image as um-pdp-engine:latest. Please substitute your own image tag.

Pre-Requirements

The PDP service is a Platform-wide component that allows the Authorization Server to perform policy-based access control over Platform Resources, and allows Resource Owners and Resource Servers to assign access policies to protect their Platform resources (endpoints, operations, offerings...).

The PDP is a self-standing, XACML-compliant service, but it can be given configuration parameters that point it towards:

  • OIDC and UMA Endpoints (exposed by a Login Service), enabling authenticated and authorized access to a protected SCIM Endpoint.
  • SCIM Endpoints (exposed by a Login Service or End-User database component), enabling access to the End-User back-end of the Platform.

If you do not have these endpoints available, please follow the Login Service wiki to set up a dedicated instance.

⏭️ Next step: Deploy and Configure the PDP