authzen icon indicating copy to clipboard operation
authzen copied to clipboard
verified publisher icon openid

Define how a custom action is defined.

Open PieterKas opened this issue 2 years ago • 1 comments

https://github.com/SGNL-ai/authzapi/blob/5937da2ca3a3ed189bb066ce2f75c9bd5e0a380d/authorization-api-1_0.md?plain=1#L177C1-L177C1

It would be good to include details of how the extensibility might work.

PieterKas avatar Jul 11 '23 19:07 PieterKas

A simple "action" can either be an abstract reference by name, represented as a simple string - e.g. "GET", "READ", "DELETE". Or it can be expressed as a complex structure, describing a transaction function with arbitrary parameters and values. Example 1: Bank payout transaction with an amount and currency

subject = "bank customer A" , resource = "Bank Account 123"
Action = Payout-Transaction (amount = 500, currency = Eur, payee = "Bank Account 789")

Example 2: set the quota of a resource to "500 Gigabytes"

subject = "user B" , resource = "users home folder"
Action = set-quota (value = 500, unit = "GB")

grafik

The abstraction of an action could be defined as a "complex space described by attributes and/or bounding parameters".

tr33 avatar Nov 06 '23 21:11 tr33