How to support OpenID AuthZEN requests with Amazon Verified Permissions

Security Blog

This article discusses how to support OpenID AuthZEN requests using Amazon Verified Permissions, a fully managed AWS service for authorization policy management and evaluation.

Introduces OpenID AuthZEN specification for decoupling authorization logic from application code
Provides an open-source reference implementation for integrating AuthZEN with Verified Permissions
Demonstrates an architecture using AWS services like API Gateway, Lambda, and Secrets Manager
Uses Cedar policy language for mathematically provable access control
Includes deployment instructions and interoperability testing with AuthZEN test scenarios

The solution enables standardized, flexible, and scalable authorization across different services by providing a managed interface between AuthZEN protocols and AWS authorization services.

Go to article

The AWS News Feed is currently looking for gold sponsors. If you want to support the AWS community and reach a large audience of AWS professionals, consider sponsoring the AWS News Feed.

Aug 5
2024

Amazon Verified Permissions improves support for OIDC identity providers

Apr 23
2024

Using Amazon Verified Permissions to manage authorization for AWS IoT smart home applications

Jan 22
2024

How to build a unified authorization layer for identity providers with Amazon Verified Permissions

May 21
2024

Amazon Verified Permissions improves support for Cognito tokens

The AWS News Feed is currently looking for silver sponsors. If you want to support the AWS community and reach a large audience of AWS professionals, consider sponsoring the AWS News Feed.

How to support OpenID AuthZEN requests with Amazon Verified Permissions

Related articles