How to Protect APIs using ForgeRock’s Identity Platform

As a quick follow up to my blog post earlier this week How to Develop and Expose APIs Using Go this post explains how to protect those APIs using ForgeRock’s Identity Platform. I cover setting up the OAuth 2.0 Authorization Service in AM (Access Manager) as well as using IG (Identity Gateway) as the resource server in front of the APIs. In addition to using static scopes in the OAuth flow, I enabled AM’s authorization policy with a rule to dynamically assign an admin scope based on a user’s membership to the admin group.

As promised in the previous post, I include a discount code to Neil Madden’s new book “API Security in Action” published by Manning Publications. At the end of the video I share the discount code, which is good for 35% off Neil’s book.

Feel free to add comments or questions, either here or over at Youtube.

Thanks for stopping by!

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top