This post contains links to all the articles about authorization that I have written.

The word authorization is used to describe several different concepts that are very similar, but distinct. These include:

  • Authorization decision for application access: Coarse Grained Authorization
  • Authorization decision for application access: Fine Grained Authorization
  • Token issuance
  • Delegated access (as described in the OAuth2 RFC)

Confusing these concepts can lead to messy architectures, insecure systems, and really confusing conversations.

In the following blog posts, I describe these topics and more.

Image: dr.larsbergmann / green pattern



Robert Broeckelmann

My focus within Information Technology is API Management, Integration, and Identity, especially where these three intersect.