Download your copy of our State of Authorization: Playbook Edition Get it now »

Axiomatics and Zuplo Partner to Build Seamless, Scalable API Access Control

Learn about our partnership and integration to help ensure strong, purpose-built authentication, authorization, and routing for APIs.

CHICAGO, IL and SEATTLE, WA – Axiomatics, the leader in delivering next-generation authorization and Zuplo, reinventor of the API Gateway, today announced a partnership aimed at providing seamless and scalable access control for APIs. The partnership and integration ensure strong, purpose-built authentication, authorization and routing for APIs, which is a critical element of both a Zero Trust and defense-in-depth strategy.

“Zuplo’s commitment is to make API management as streamlined and robust as possible. Our customers rely on us for consistent authentication and comprehensive policy enforcement,” said Nate Totten, co-founder and CTO for Zuplo. “Our exciting new partnership with Axiomatics extends these capabilities, integrating sophisticated, policy-driven authorization that balances centralized control with the flexibility of decentralized enforcement.”

Recent studies show that almost one third of all web attacks in 2023 were targeted at APIs, which comprise more than 80 percent of all HTTP traffic. The integration of the Zuplo light-weight, fully-managed API Management platform with Axiomatics’ policy-driven authorization solution enables enterprises to implement a scalable, modern approach to API access control, including:

  • Dynamic and fine-grained authorization for APIs: Dynamic, fine-grained authorization evaluates multiple attributes from multiple information points to determine what actions can be taken, by who or what and under what context/conditions.
  • Leveraging a policy-as-code approach: Policy-as-code is a critical element of a defense-in-depth approach as it combines configuration and compliance into one step. This approach increases speed and efficiency when compared to the manual approach of addressing each API and application individually.
  • Applying Zero Trust to APIs: The central, dynamic Axiomatics policy engine removes the burden of coding and managing authorization functionality individually for each application, with enforcement of policy decisions done through the Zuplo API gateway. This enables enterprises to employ consistent compliance and security policies from one location and apply them across enterprise APIs, regardless of underlying technology.

“While we’ve seen significant progress in API security, API access control remains a work in progress, with many enterprises assuming authentication and authorization is solved through an OAuth-only approach,” said David Brossard, CTO for Axiomatics. “This integration takes an API-centric approach, which is not only a more modern approach in line with Zero Trust, but also offers significant efficiency and performance advantages.”

To learn more, register for a webinar on Wednesday, May 22 at 1 pm ET/10 am PT featuring Zuplo co-founder and CTO Nate Totten and Axiomatics CTO David Brossard will discuss how to take a defense-in-depth approach to manage and protect APIs.

About Axiomatics

Axiomatics is the originator and leading provider of runtime, fine-grained authorization delivered with attribute-based access control (ABAC) for applications, data, APIs, and microservices. The company’s Orchestrated Authorization strategy enables enterprises to effectively and efficiently connect Axiomatics’ award-winning authorization platform to critical security implementations, such as Zero Trust or identity-first security. The world’s largest enterprises and government agencies continually depend on Axiomatics’ award-winning authorization platform to share sensitive, valuable, and regulated digital assets – but only to authorized users and in the right context. Please visit our website or follow us on LinkedIn and YouTube to learn more.

Kelly O'Dwyer-Manuel

Media Contact

Kelly O'Dwyer-Manuel
VP, Brand and Communications

Archived under: