Authorizer Overview
Authorizer Service: Enabling Secure Access Control
The Authorizer System plays a critical role in ensuring the security and access control of the platform by performing the following checks and verifications:
- Invalid API Key
- Invalid Authorization Token
- Unrecognized Tenant Source
- Unrecognized Tenant Service
- Unauthorized User Profile
Invalid API Key
This check verifies the API key presented by the user or application attempting to access the platform, so that only authorized users or applications holding a valid key can reach the platform's resources. The verification may also confirm that communication between the client and the platform is encrypted.
Invalid Authorization Token
This step involves validating the authorization token presented by the tenant. Authorization tokens are typically used to authenticate and authorize users or services. Ensuring that these tokens are valid helps prevent unauthorized access to the platform.
Unrecognized Tenant Source
In this check, the system examines the request's source, which could be the tenant's IP address or domain. If the tenant's source is not recognized or whitelisted, access may be denied. This helps control access based on the request's origin, which can be particularly important for security.
Unrecognized Tenant Service
Here, the system verifies whether the tenant is trying to access a service it is not entitled to use. This involves checking the permissions and the services enabled for that specific tenant. Unauthorized service access is a security risk, so access must be restricted to the services the tenant is authorized for.
Unauthorized User Profile
This check involves verifying the user profile details, such as tenant ID, country, and user ID. These details may be used to determine whether a user has the necessary permissions to access specific resources or perform certain actions.
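The five checks above, run in order with the first failure reported, as an added example that is not the platform's own code. The tenant registry, API keys, the HMAC-signed token format, the allowlisted sources and the country list are all constructed for illustration.

```python
import hashlib
import hmac
import ipaddress

TOKEN_SECRET = b"constructed-demo-secret"  # assumption: platform issues HMAC-signed tokens

# Constructed tenant registry: API key, allowed sources, enabled services, enabled countries.
TENANTS = {
    "tenant-a": {
        "api_key": "key-a-123",
        "sources": ["203.0.113.0/24", "partner.example"],
        "services": {"payments", "reports"},
        "countries": {"NG", "GH"},
    },
}

def sign_token(tenant_id: str, user_id: str) -> str:
    """Hypothetical token format: 'tenant:user' '.' HMAC-SHA256(payload) as hex."""
    payload = f"{tenant_id}:{user_id}"
    return payload + "." + hmac.new(TOKEN_SECRET, payload.encode(), hashlib.sha256).hexdigest()

def source_allowed(source: str, allowed: list) -> bool:
    """IP sources must fall inside an allowlisted CIDR; domains must match exactly."""
    try:
        ip = ipaddress.ip_address(source)
    except ValueError:
        return source in allowed
    return any("/" in a and ip in ipaddress.ip_network(a) for a in allowed)

def authorize(req: dict) -> tuple:
    """Run the five checks in order; return (allowed, reason) naming the first failure."""
    tenant = TENANTS.get(req["tenant_id"])
    # 1. Invalid API Key: constant-time compare so timing does not leak key prefixes
    if tenant is None or not hmac.compare_digest(req["api_key"].encode(), tenant["api_key"].encode()):
        return False, "Invalid API Key"
    # 2. Invalid Authorization Token: signature must verify and bind this tenant and user
    payload, _, sig = req["token"].rpartition(".")
    expected = hmac.new(TOKEN_SECRET, payload.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(sig.encode(), expected.encode()) or payload != f"{req['tenant_id']}:{req['user_id']}":
        return False, "Invalid Authorization Token"
    # 3. Unrecognized Tenant Source: IP address or domain must be on the tenant's allowlist
    if not source_allowed(req["source"], tenant["sources"]):
        return False, "Unrecognized Tenant Source"
    # 4. Unrecognized Tenant Service: tenant may only call services enabled for it
    if req["service"] not in tenant["services"]:
        return False, "Unrecognized Tenant Service"
    # 5. Unauthorized User Profile: country must be one the tenant is enabled for
    if req["country"] not in tenant["countries"]:
        return False, "Unauthorized User Profile"
    return True, "OK"
```

Ordering matters for what a caller learns: an unknown tenant or bad key fails before the token or source is inspected, so nothing about the tenant's configuration is revealed to an unauthenticated caller.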
How does Authorizer work?
The Authorizer System is the access guardian, carefully controlling who can interact with the platform's resources. Here's how it accomplishes this vital task:
- Public Gateway
- Private Gateway
- Swagger Public Gateway
- Logged In Endpoint
- Authorization checks
- Public endpoint
Public Gateway
This is the entry point through which external clients access our services. It checks the following:
- Tenant identity
- User identity
- Country code
Private Gateway Services
The public gateway protects the private gateway services. It ensures that only authorized requests can access them.
Swagger Public Gateway
This allows users to make use of the Swagger documentation available for each service.
Logged In Endpoint
The Authorizer System verifies the authenticity of requests to the logged-in endpoint using API keys.
Authorization Checks
This involves checking roles, permissions, and user tokens.
Public Endpoint
It uses API keys for tracking and controlling access. This helps prevent abuse, enforce rate limits, and monitor usage patterns.