Version: 8.x (Current)

Overview

The authorization service is responsible for authorizing a route to request certain resources.

This service exposes an endpoint /auth that, given a configuration file, validates whether the request can be authorized or not, and thus be propagated to the services below the API Gateway.

In order to decide whether the request can be authorized, the service will attempt to gather information about the entity (user or machine) that is performing the request (this is done by leveraging the OIDC /userinfo endpoint). Combining these information with the original request route and method and the Group Expression defined in the Console a proper status code is returned, as specified in the usage doc