Introduction

The JSON Profile of XACML is a profile aimed at standardizing and simplifying the integration between Policy Enforcement Points (PEP) and Policy Decision Points (PDP). Combined with the REST profile of XACML it:

According to the OASIS XACML mailing list, the following organizations have attested to using or implementing the profile:

Samples

Sample Requests

{
    "Request": {
        "ReturnPolicyIdList": true,
        "AccessSubject": {
            "Attribute": [
                {
                    "AttributeId": "username",
                    "Value": "Alice"
                }
            ]
        },
        "Resource": {
            "Attribute": [
                {
                    "AttributeId": "objectType",
                    "Value": "record"
                },
                {
                    "AttributeId": "recordId",
                    "Value": 123
                },
                {
                    "AttributeId": "expiry",
                    "Value": "2019-01-01",
                    "DataType": "http://www.w3.org/2001/XMLSchema#date"
                }
            ]
        },
        "Action": {
            "Attribute": [
                {
                    "AttributeId": "action",
                    "Value": "view",
                }]
        }
    }
}

Sample Responses

{
    "Response": {
        "Decision": "Permit",
        "Status": {
            "StatusCode": {
                "Value": "urn:oasis:names:tc:xacml:1.0:status:ok"
            }
        },
        "PolicyIdentifierList": {
            "PolicyIdReference": {
                "Id": "http://axiomatics.com/alfa/identifier/com.axiomatics.example.viewRecord",
                "Version": "1.0"
            },
            "PolicySetIdReference": [
                {
                    "Id": "http://axiomatics.com/alfa/identifier/com.axiomatics.example.records",
                    "Version": "1.0"
                },
                {
                    "Id": "http://axiomatics.com/alfa/identifier/com.axiomatics.example",
                    "Version": "1.0"
                }
            ]
        }
    }
}

JSONProfileXACML (last edited 2019-03-11 21:33:20 by david.brossard)