Your suggested change has been received. Thank you.

Suggest A Change

Thank you! Your suggestion has been submitted.

https://thales.na.market.dpondemand.io/docs/dpod/services/kmo….

There are some errors in your form.

Your Name This field is required

Your Email This field is required

How can we improve this content? This field is required

OneWelcome Identity Platform
- Explore Thales Docs

IDAAS core
User journey orchestration
Consent and preference management
Consent Management v2
- Admin UI guide
- Consent Management v2 APIs
Identity broker
Delegated User Management v2
Externalized authorization
Delegated user management
- Getting started
- Roles
- Rules
- User management
- Self service page
- Data
- APIs
- Apps
- Jobs
- Reports
Risk management
- Essential rules
- Default policies (Essential)
Mobile identity
- Mobile identity - Access component
- Mobile identity - Tulip
Mobile SDK
API references
Release notes and FAQ
Policy-Based Authorization Manager
Integrations
Identity Orchestrator (IO)

All

All

Policy-Based Authorization Manager

Authorizers

Please Note:

Policy-Based Authorization Manager
Platform Navigation
User Portal
- About the platform
- Navigation
- Getting Started
  - Logging In and Out
  - Platform Hierarchy
  - Platform Permissions
- About Tenants
  - Hybrid Agent Key Settings
  - Configuring an IDP for the Tenant
  - Tenant Settings
- AI Capabilities
  - Policy Metadata
- About Environments
  - Environment Settings
  - Managing Environments
  - Managing Workspaces
  - About Scopes
    - Managing Scopes
    - Managing Scope Authentication
  - About Secret Stores
    - Managing Secret Stores
    - Configuring Store Types
  - Managing Authorizers
- About Audit Reports
  - Administration Audit Report
  - Authorization Audit Report
- About PAAs and PIP Settings
  - Policy Authorization Agent
    - Managing Policy Authorization Agents (PAA)
  - Policy Information Point (PIP)
    - Data Sources
- Identity Workspace
  - Identity Workspace Settings
  - Managing Identity Attributes
  - Managing Identity Sources
  - Managing Identity Mapper Sets
  - Managing Identity Matchers
  - Managing Dynamic Groups
- Authorization Workspace
  - Authorization Workspace Settings
  - Request Attributes
  - Prerequisites for Building Policies
  - About Assets and Asset Types
    - Asset Type Settings
    - Managing Asset Types
    - Managing Asset Attributes
    - Managing Assets
    - Managing Actions
    - Managing Rulesets
  - About Applications
    - Application Settings
    - Managing Applications
  - About API Mappers
    - Managing API Mappers
  - About Conditions
    - Managing Conditions
- About Policies
  - Creating Policies
  - Managing Policies
  - Vendor Compare
  - Policy Lifecycle
  - Policy Custom Attributes
  - Policy Authoring for Data
    - Data Access Policies
    - Dynamic Data Mapping
    - Google BigQuery
- About the Certification Process
  - Certification Process Steps
- Authorization Audit Configuration
Admin Portal
- Thales Agent
- IDP authenticator enrichment
- Policy Decision Point (PDP)
  - Enabling SSL for Runtime
  - PDP caching options
  - Authorization audit configuration
Authorizers
- SaaS Authorization Management
- Token Enrichment Authorization Pattern
- API Access Authorization Pattern
- Data Access Authorization Pattern

Was this document helpful? Yes No

Feedback Sent!

If you like, you can provide additional feedback.

OneWelcome Identity Platform
Policy-Based Authorization Manager
Authorizers

Authorizers

Thales Authorizers are robust, technology-ready components designed to seamlessly integrate with various systems, supporting a range of authorization patterns. These out-of-the-box solutions amplify the value of centralized policy management, enabling distributed enforcement at scale. With Thales Authorizers, IT, security, application, and data teams can effortlessly implement consistent and reliable authorization controls across diverse environments. By safeguarding valuable data and resources at every step, Thales Authorizers ensure that your organization's security policies are consistently applied across all integrated technologies.

Thales offers Authorizers for many third party vendors and technologies according to several authorization patterns. Each of the Authorization patterns enables integrations with different distributed technologies, answering multiple access management needs and security business requirements. The Authorizers enable organizations to protect the valuable and sensitive data and organizational resources across the authorization process.

Authorizer integration patterns include:

SaaS Authorization Management
Authorization by Token Enrichment
Authorization by API Access Control
Authorization By Data Access Control

In addition, you can integrate with the Platform for centralized authorization management with our SDK Authorizers.

Thales Authorizers

The following Authorizers are available:

Authenticator enrichment authorization pattern
API Access Authorization Pattern
Data Access Authorization Pattern
Access File Authorizer
Amazon API gateway
Apigee
Auth0
Azure API Management Authorizer
Databricks
Denodo
Envoy
Google BigQuery
Istio Sidecar
Java Data Access SDK
JSON filtering authorizer
Langchain
Microsoft Entra ID
Microsoft Power BI
NodeJS SDK
Okta
Ping
Snowflake
SQL database authorizer
Thales authenticator enrichment service
Trino
Zscaler Private Access (ZPA)

On this page

OneWelcome Identity Platform

© Copyright 2019-2026, Thales Group

+1 410-469-1651 supportportal.thalesgroup.com

Support
- Customer Release Notes
- Support Contacts
Legal
- End User License Agreement
- Terms of Service

© Copyright 2019-2026, Thales Group

+1 410-469-1651 supportportal.thalesgroup.com