- ▶️ Getting Started (this page)
- ⏬ Deploy and Configure the Policy Decision Point
- ⏬ Chart Configuration
- ⏬ Integration Guide
- ⏬ Policy Management
- ⏬ Policy Language
- ⏬ Terms and Conditions API
- ⏬ Policy Checks
- ⏬ Policy Decision Endpoint API
The PDP Service is packaged and delivered as a Docker container.
You can either:
- 👷♀️ Build and deploy your own PDP Service, or
- 🚢 Use the latest release version available on Docker Hub as eoepca/um-pdp-engine:latest

This guide assumes a locally packaged Policy Decision Point (PDP), so it refers to the Docker image as um-pdp-engine:latest. Substitute your own image tag.
The PDP service is a Platform-wide component that allows the Authorization Server to perform policy-based access control over Platform Resources, and allows Resource Owners and Resource Servers to assign access policies to protect their Platform resources (endpoints, operations, offerings...).
The PDP is a self-standing, XACML-compliant service, but it can be given configuration parameters pointing it towards:
- OIDC and UMA Endpoints (exposed by a Login Service), enabling authenticated and authorized access to a protected SCIM Endpoint.
- SCIM Endpoints (exposed by a Login Service or End-User database component), enabling access to the End-User back-end of the Platform.
If you do not have these endpoints available, please follow the Login Service wiki to set up a dedicated instance.
⏭️ Next step: Deploy and Configure the PDP