2016-11-15 21:34:20 +00:00
|
|
|
== Entitlement API
|
2016-05-31 20:36:14 +00:00
|
|
|
|
2016-11-15 21:34:20 +00:00
|
|
|
The Entitlement API provides a 1-legged protocol for obtaining authorization data from the server, where the authorization data
|
2016-06-05 22:17:31 +00:00
|
|
|
represents the result of the evaluation of all permissions and authorization policies associated with the resources being requested.
|
2016-05-31 20:36:14 +00:00
|
|
|
|
2016-11-15 21:34:20 +00:00
|
|
|
Unlike the _Authorization API_, the Entitlement API is not UMA-compliant and does not require permission tickets.
|
2016-05-31 20:36:14 +00:00
|
|
|
|
2016-11-15 21:34:20 +00:00
|
|
|
The purpose of this API is provide a more lightweight API for obtaining authorization data, where a client in possession of a valid
|
|
|
|
OAuth2 access token is able to obtain the necessary authorization data on behalf of its users.
|