| CPC H04L 63/02 (2013.01) [G06F 9/547 (2013.01); G06F 21/629 (2013.01); H04L 41/0893 (2013.01); H04L 63/0236 (2013.01); H04L 67/133 (2022.05); H04L 67/562 (2022.05); G06F 21/6218 (2013.01); H04L 63/10 (2013.01); H04L 63/20 (2013.01)] | 20 Claims |
|
1. A method for providing policies to a plurality of local API (Application Programming Interface) authorization agents executing on a plurality of computers to use to authorize API calls for processing by applications executing on the plurality of computers, the method comprising:
receiving definitions of a plurality of authorization policies for a set of one or more API calls to the applications executing on the plurality of computers;
storing the plurality of authorization policies; and
distributing different sets of authorization policies to different local controllers executing on the plurality of computers, each particular set of authorization policies distributed to each particular local controller comprising one or more authorization policies relevant for processing API calls to a set of one or more applications executing on a same host computer as the particular local controller, wherein for each application of a set of applications executing on a particular computer, the local controller executing on the particular computer identifies policies applicable to the particular application and provides to a local API authorization agent executing on the particular computer that authorizes API calls for processing by the particular application (i) the policies applicable to the application and (ii) parameter values retrieved from local data sources for use in evaluating the policies.
|