API security policy

Overview

Set up authorization for your proprietary REST APIs or backend services through Strivacity Fusion.
The new API security policy feature allows you to easily expose your REST APIs' endpoints and custom scopes to Strivacity Fusion's API Controller service.
Strivacity Fusion's API Controller built on the industry best-practice OAUTH2 standard will take care of everything else happening under the hood:
Strivacity Fusion's API Controller will
  • generate and provide access tokens for use against your REST APIs
  • allow access to the scopes defined in the API Security policy
  • allow your proprietary REST APIs to validate access tokens
Client credentials flow
We've implemented the Client Credentials flow for communication between our API Controller service and your REST APIs.
The Client ID and Secret required for service-to-service communication are provided by the application the API security policy is assigned to.
Last modified 1mo ago
Export as PDF
Copy link