keycloak-scim/authorization_services/topics/policy-evaluation-tool-overview.adoc

26 lines
1.3 KiB
Text
Raw Normal View History

2016-11-29 15:30:53 +00:00
[[_policy_evaluation_overview]]
= Evaluating and Testing Policies
When designing your policies, you can simulate authorization requests to test how your policies are being evaluated.
You can access the Policy Evaluation Tool by clicking the `Evaluate` tab when editing a resource server. There you can specify different inputs to simulate real authorization requests and test the effect of your policies.
2016-06-05 22:17:31 +00:00
2017-08-28 12:50:14 +00:00
image:{project_images}/policy-evaluation-tool/policy-evaluation-tool.png[alt="Policy Evaluation Tool"]
2016-06-05 22:17:31 +00:00
== Providing Identity Information
2016-06-05 22:17:31 +00:00
The *Identity Information* filters can be used to specify the user requesting permissions.
2016-06-05 22:17:31 +00:00
2017-03-30 19:08:48 +00:00
You can also click *Entitlement* to obtain all permissions for the user you selected.
2016-06-05 22:17:31 +00:00
== Providing Contextual Information
2016-06-05 22:17:31 +00:00
The *Contextual Information* filters can be used to define additional attributes to the evaluation context, so that policies can obtain these same attributes.
2016-06-05 22:17:31 +00:00
== Providing the Permissions
2016-06-05 22:17:31 +00:00
The *Permissions* filters can be used to build an authorization request. You can request permissions for a set of one or more resources and scopes. If you want
to simulate authorization requests based on all protected resources and scopes, click *Add* without specifying any `Resources` or `Scopes`.
When you've specified your desired values, click *Evaluate*.