by nacozarina 225 days ago
Have seen RBAC implemented via internally-managed X.509 certs; endpoint identity is enriched with Org, OU0, OU1, …, params; a custom REST service provides authorization services after initial authentication. Nothing special about the certs themselves. Hard part is defining the authorization services, how you register apps, granularity of perms, etc. The coding is tedious but straightforward; getting prerequisite agreements around policy is hard.
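
A sketch of the authorization step the comment describes, added here as an example and not code from the commenter: the certificate subject's Org and ordered OU values are matched against per-app rules, with default deny. The subject uses the shape Python's `ssl.SSLSocket.getpeercert()` returns once the TLS layer has verified the chain; the policy schema, app names and sample identity are hypothetical.

```python
# Constructed sample subject, in the shape ssl.SSLSocket.getpeercert()["subject"]
# returns: a tuple of RDNs, each RDN a tuple of (attribute, value) pairs.
SAMPLE_SUBJECT = (
    (("organizationName", "ExampleCorp"),),
    (("organizationalUnitName", "payments"),),   # OU0
    (("organizationalUnitName", "batch"),),      # OU1
    (("commonName", "settlement-worker-01"),),
)

# Hypothetical policy registered per app: (Org, OU path prefix, app, actions).
# A longer OU prefix is a finer-grained grant.
POLICY = [
    ("ExampleCorp", ("payments",), "ledger-api", {"read"}),
    ("ExampleCorp", ("payments", "batch"), "ledger-api", {"read", "write"}),
    ("ExampleCorp", ("hr",), "people-api", {"read"}),
]


def identity_from_subject(subject):
    """Return (org, (OU0, OU1, ...)), or None when the Org is missing or ambiguous."""
    orgs, ous = [], []
    for rdn in subject:
        for name, value in rdn:
            if name == "organizationName":
                orgs.append(value)
            elif name == "organizationalUnitName":
                ous.append(value)  # certificate order is treated as the OU hierarchy
    if len(orgs) != 1:
        return None  # zero or several Org values: refuse to guess
    return orgs[0], tuple(ous)


def authorize(subject, app, action, policy=POLICY):
    """Default deny: allow only if some rule matches Org, OU prefix, app and action."""
    ident = identity_from_subject(subject)
    if ident is None:
        return False
    org, ous = ident
    for p_org, p_ous, p_app, actions in policy:
        if (p_org == org and p_app == app
                and ous[:len(p_ous)] == p_ous and action in actions):
            return True
    return False


if __name__ == "__main__":
    print(authorize(SAMPLE_SUBJECT, "ledger-api", "write"))
```
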