Skip to main content
Version: 26.1

Attribute connectors

Attribute connectors serve as dynamic data retrieval mechanisms that facilitate integration with external data sources to extract the attribute values essential for policy evaluation. They act as Policy Information Points (PIPs), establishing a bridge between external data repositories and the Policy Decision Point (PDP), the component responsible for evaluating access control policies. By dynamically retrieving attribute values from external sources, attribute connectors ensure that policies are informed by the most up-to-date and accurate information, enhancing the effectiveness of access control decisions.

Standard attribute connectors

Axiomatics provides several standard attribute connectors such as LDAP, SQL, Table, HTTP, and Parsers (JWT, JSON, XML). Additionally, we enable you to create custom attribute connectors for data sources not supported by the default options.

Table

This attribute connector offers a simplified approach to fetching attributes from SQL data sources by directly accessing specific columns. It's less versatile than the SQL attribute connector and doesn't support arbitrary SQL queries, but is easier to configure.

SQL

This attribute connector extracts attribute values from relational database systems (RDBMS) using SQL queries.

LDAP

This attribute connector retrieves attributes from Lightweight Directory Access Protocol (LDAP) repositories, which are widely employed for user identity management.

HTTP

This attribute connector connects to HTTP-based web services that return structured content such as JSON or XML, extracting the relevant payload for access control evaluation by the PDP.

Parsers

These attribute connectors delve into structured data formats like JSON and XML using standard techniques such as JSONPath or XPath to extract nested values. Parser attribute connectors are different from other connectors as they don't necessarily reach out to external sources to retrieve information.

  • JSON Parser - extracts values from JSON documents using the JSONPath expression language.
  • XML Parser - utilizes the XPath language to extract values from XML documents.
  • JWT Parser - parses and validates JSON Web Tokens (JWT), and extracts claims from their underlying JSON structure.

API reference

The Authorization Hub REST API interactive documentation is available in the Swagger UI API. You can access the API schemas and endpoint definitions for the attribute connectors service using the following URL:

http(s)://<authorization-hub-url>/api/hub-service/swagger-ui/index.html