Skip to main content
Version: 7.7

Introduction to Axiomatics Services Manager

Axiomatics Services Manager (ASM) is a web-based, multipurpose management interface that provides you the necessary tools to build, manage, and monitor your attribute-based access control (ABAC) policies.

ASM provides you the essential tools for policy authoring and maintenance. Its integrated Policy Editor offers a graphical user interface (GUI) that simplifies the creation and maintenance of policies, including the visualization of complex and nested expressions.

Within ASM, you can define, organize, and manage the attributes used in your policies through the Attribute Dictionary. These attributes are fundamental to ABAC, supplying contextual information such as a user's role, department, location, or resource sensitivity, which is then used to make authorization decisions. ASM also allows you to define mappings for retrieving these attributes from various data sources, such as LDAP directories and SQL databases, using the Attribute Connectors feature.

Furthermore, ASM enables the creation and configuration of authorization domains. These domains bundle together authorization policies and their associated configurations, forming aggregates of domain data used to evaluate access requests and produce "permit" or "deny" responses.

Axiomatics Authorization system

Axiomatics Services Manager (ASM) is a core component of the Axiomatics Authorization system. This comprehensive suite comprises separately downloaded and installed components that are utilized in combination as required.

The Axiomatics Authorization system is the industry-leading solution for controlling access to critical applications. By leveraging externalized dynamic authorization, it offers an efficient policy engine and the most complete solution available for enterprise-wide implementation of Policy and Attribute-Based Access Control (PBAC and ABAC).

Axiomatics Authorization system components

The Axiomatics Authorization system is a suite of components that, apart from ASM, includes:

  • Access Decision Service (ADS)

    ADS is a cloud-native authorization engine that functions as the Policy Decision Point (PDP) and delivers dynamic, attribute-based authorization decisions to Policy Enforcement Points (PEPs) through a REST API, adhering to the XACML 3.0 standard.

  • Authorization Domain Manager (ADM)

    ADM is a content-management system, tailored for authorization domains. It is a service that stores and manages domains in a secure way, providing enterprise with fine-grained data access control.

    ADM is suitable for deployment in microservices, cloud, or hybrid architectures.

  • Contextual Authorization Query (CAQ)

    CAQ is a cloud-native service that evaluates reverse query requests. A reverse query response provides information on what conditions need to be satisfied to get an expected Policy Decision Point (PDP) decision.

  • Axiomatics Policy DevOps (APD)

    APD is a tool for developing, testing, and deploying ALFA policies and attribute connectors within your Attribute-Based Access Control (ABAC) environment. Built on Gradle and JUnit, it allows for a comprehensive testing approach that includes unit, integration, and system tests.

Featured content

Notices

AXIOMATICS® is a registered trademark of Axiomatics AB, corporate identification no. 556708-1012, Sweden. Other trademarks are the property of their respective owners.

Except as otherwise expressly agreed in writing by Axiomatics AB, information in this document does not constitute in any way a representation, warranty or commitment on the part of Axiomatics.

Copyright © 2012-2025 Axiomatics AB. All Rights Reserved.