keycloak-scim/topics/service/authorization/authorization-api.adoc

== Authorization API

The Authorization API provides a UMA-compliant endpoint for obtaining authorization data from the server, where the authorization data represents the result of the evaluation
of all permissions and authorization policies associated with the resources being requested.

Unlike the Protection API, any client application can access the Authorization API endpoint, which requires a special OAuth2 access token called *Authorization API Token* or *AAT*.
In UMA, a AAT is just a token with a scope *uma_authorization*.
First bucket of documentation from docbook. 2016-05-31 20:36:14 +00:00			`== Authorization API`

More doc 2016-06-05 22:17:31 +00:00			`The Authorization API provides a UMA-compliant endpoint for obtaining authorization data from the server, where the authorization data represents the result of the evaluation`
			`of all permissions and authorization policies associated with the resources being requested.`
First bucket of documentation from docbook. 2016-05-31 20:36:14 +00:00
More doc 2016-06-05 22:17:31 +00:00			`Unlike the Protection API, any client application can access the Authorization API endpoint, which requires a special OAuth2 access token called Authorization API Token or AAT.`
			`In UMA, a AAT is just a token with a scope uma_authorization.`