Skip to main content

Authorization

Once user is properly authenticated and identified, internal authorization token is issued based on the roles and associated permissions that are assigned to the user. The authorization token is used by internal services to evaluate authorization of identified user.

The authorization is evaluated using Open Policy Agent policies (OPA).

The following diagram shows the interaction with the OPA:

For more information about the authorization policies, refer to CZERTAINLY Auth OPA Policies.