Skip to main content
Version: 1.3

Introduction to Authorization Domain Manager

Authorization Domain Manager (ADM) is a content-management system specifically designed for authorization domains. This service securely stores and manages domains, offering enterprises fine-grained data access control. ADM operates as a standalone application, providing a standardized API for delivering authorization domains to authorization engines in production environments. It is suitable for deployment in microservices, cloud, or hybrid architectures.

ADM also supports governance and compliance management. Auditors can directly access ADM, its logs, and the logs of the authorization engine in use. This comprehensive access allows them to verify and audit operations performed by various actors within the system.

Axiomatics Authorization system

Authorization Domain Manager (ADM) is a core component of the Axiomatics Authorization system. This comprehensive suite comprises separately downloaded and installed components that are utilized in combination as required.

The Axiomatics Authorization system is the industry-leading solution for controlling access to critical applications. By leveraging externalized dynamic authorization, it offers an efficient policy engine and the most complete solution available for enterprise-wide implementation of Policy and Attribute-Based Access Control (PBAC and ABAC).

Axiomatics Authorization system components

The Axiomatics Authorization system is a suite of components that, apart from ADM, includes:

  • Access Decision Service (ADS)

    ADS is a cloud-native authorization engine that functions as the Policy Decision Point (PDP) and delivers dynamic, attribute-based authorization decisions to Policy Enforcement Points (PEPs) through a REST API, adhering to the XACML 3.0 standard.

  • Authorization Domain Manager (ASM)

    ASM is a web-based, multipurpose management interface within the Axiomatics Authorization system that provides key centralized functions for policies, domains, attribute definitions, and attribute sources.

  • Contextual Authorization Query (CAQ)

    CAQ is a cloud-native service that evaluates reverse query requests. A reverse query response provides information on what conditions need to be satisfied to get an expected Policy Decision Point (PDP) decision.

  • Axiomatics Policy DevOps (APD)

    APD is a tool for developing, testing, and deploying ALFA policies and attribute connectors within your Attribute-Based Access Control (ABAC) environment. Built on Gradle and JUnit, it allows for a comprehensive testing approach that includes unit, integration, and system tests.

Featured content

Notices

AXIOMATICS® is a registered trademark of Axiomatics AB, corporate identification no. 556708-1012, Sweden. Other trademarks are the property of their respective owners.

Except as otherwise expressly agreed in writing by Axiomatics AB, information in this guide does not constitute in any way a representation, warranty or commitment on the part of Axiomatics.