Access Control
For information security It is very important to control individuals who can access applications and monitor their purposes. At the same time, access policies can vary greatly for different applications, organizations and user groups.
Define the policies for user access to applications
With Blitz Identity Provider you can configure the authorization logic for user access to applications. Access policies can be quite complex. For example, to enter certain applications re-authentication or enhanced two-factor authentication may be required under certain conditions. Access policies can take into account user attributes and environment settings (for example, the time of day or the network address of the user or the type of user device).
Protect your Web services
Use the OAuth 2.0 technology of the Blitz Identity Provider to protect the Web services of your applications.
With Blitz Identity Provider you can:
- Keep records of applications (clients) that can access your web services. Assign the client-id and client-secret to the applications
- Maintain your access permissions directory (OAuth scopes). Permissions are used to confirm that the application is granted the right to access the resource (accessing data and actions through your web services) by the owner of the resource
- Use any of the four standard authorization scenarios to provide secure access for applications to your web services
- Provide the applications and resource providers with secure granular access to user data
