Technical Documents

Enable OIDC Compliant Application Authorization and Authentication with Aporeto

Enterprises face significant challenges in improving application security governance for legacy and new applications without changing application logic. Aporeto can help offload user authentication and authorization from application business logic, allowing you to enable the following for legacy applications with zero code changes:


– Use your choice of OIDC (OpenID Connect) compliant IdP to centralize user governance for internal users, partners and contractors

– Make your applications internet-accessible for B2B/partner use cases

– Use attribute-based access control (ABAC) to enforce user authorization on APIs exposed by your application.

– User attributes can be provided through OAuth scopes in a JSON Web Token (JWT) from the IdP.

– Reducing user state and user session management paves the way to modernizing your applications for the cloud and making use of elasticity