Authorisation PDP​

The PDP component implements OASIS XACML 3.0 standard which allows to implement RBAC and ABAC authorisation models within the platform.

The component provides a set of functionalities that can be grouped as follows:

Domain management system: It manages different domains for supporting multiple companies and environments.
Policy management system: It allows the creation, and management of authorisation policies for different domains.
Decision system: It manages the engine to take authorisation decisions.
These features are accessible via REST.

Integration of the most advanced authorization model XACML 3.0

PDP component allows to take decision based on roles and/or attributes or other criteria.

Flexible by design

The use of XACML allows to evolve the system to future and challenging environments.

Integration of authorisation mechanisms in future applications

The multitenant capability represents an advantage for applications when implementing security features, delegating this technology to PDP.

Extendable to use more modern format technologies

Security policies can be translated and processed in modern formats such as JSON.

Additional ressources

Learn more about i4FS by visting the project website for general information, the wiki for information about the core components, the Technical Manual for API documentation, and downloading the repository’s source code.


Get a better understanding of the global architecture and information flow.

Source code

Our source code is opensource and available on our Gitlab repository.

API endpoints

Let your infrastructure communicate with the i4 Platform.