Home » Resources » White Papers » Technical Viewpoint: Protecting Microservices and APIs with ABAC, OAuth, and OpenID Connect

Technical Viewpoint: Protecting Microservices and APIs with ABAC, OAuth, and OpenID Connect

Get our white paper

Attribute Based Access Control (ABAC), OAuth 2.0 and OpenID Connect (OIDC) are complementary standards that can be used individually or in concert to offer comprehensive access control for applications that are built using microservice and API approaches. This document outlines a set of examples where security standards work together in addressing requirements that are difficult or impossible to meet by using OAuth or OIDC alone.

Learn how Axiomatics can help you avoid OAuth being used beyond its intent – delegated consent. Using Externalized Dynamic Authorization, you can prevent:

Franken-scopes: different scopes blended together in ways that were not originally intended
Scope Explosion: similar to role explosion, when you are forced to create many scopes to address different use cases when a policy based approach would make it much simpler
Authorization logic from creeping into your microservices

Orchestrated Authorization

Solutions

Deployment Methodology

Customer Success

Resources

Partners

About

Blog

Newsroom

Book a Demo

Contact Us

Customer Support

Developer Docs

Technical Viewpoint: Protecting Microservices and APIs with ABAC, OAuth, and OpenID Connect

Get our white paper

Axiomatics Policy Server: The next evolution of our Orchestrated Authorization solution

Orchestrated Authorization: A modern approach at the center of your Zero Trust strategy

Optimizing your IGA investment with Authorization

State of Authorization Report 2023