API Access Control

Integrations

Integrate an authorizer with your gateway for rich, locally enforced, and centrally managed distributed authorization:

• Apigee Edge
• Apigee X
• AWS API Gateway
• Azure API Gateway
• Istio Service Mesh
• Kong API Gateway
• Kusk API Gateway

Authentic Zero-Trust with Service Mesh

Fortify your zero-trust model by embedding API authorization into your Istio Service Mesh. Ensure secure API requests within your zero-trust network.

Streamlined API Discovery & Governance

Automatically unveil APIs across all connected gateways. Allocate authorization policies effortlessly and govern API authorization from token minting to endpoint policy enforcement.

Robust Protection for GraphQL APIs

Enhance GraphQL API protection. Designate policies directly through SecureAuth or take a declarative stance by including the policies within your GraphQL schema files.

Streamlined Token Exchange with Authorizers

SecureAuth authorizers facilitate the conversion of incoming third-party access tokens to internal access tokens:

• Employ OAuth Token Exchange Grant Type: SecureAuth authorizers can interact with trusted IDPs (authorization servers) to exchange tokens, utilizing dedicated client credentials to engage with SecureAuth’s OAuth token endpoint.
• Configurable Token Handling with Istio Authorizer: Istio Authorizer offers the flexibility to choose the token (original or exchanged) passed to the API/service, or even pass both tokens by configuring the header settings, ensuring tailored token management.

Policy-Based API Control simplifies the management of API access by establishing clear rules and enforcing them across the organization.

Transition authorization from application code to decisive authorization policies for enhanced security, easy modification, and thorough audit. Utilize localized policy decision and enforcement points for millisecond-level latency and automatic policy distribution.

Authorization Levels:

• Application Level: Control who can access your application. Enforce MFA, ID-proofing, or permissions.
• Token Minting Level: Control which users/machines can get the security tokens. Block token minting for anomalous requests.
• Scope Level: Control access to specific scopes. Require MFA for high-value transactions.
• API Request Level: Assign policies to APIs for locally enforced, centralized authorization.

Policy Declaration:

Enable dynamic access control decisions based on a myriad of attributes like user roles, current location, time of access, the resource being accessed, and much more.