Advanced Policy Manager API Overview

The Advanced Policy Manager API allows you to make real-time authorization decisions about who and what can access all of the websites, applications, resources, and user data in your ecosystem. The decision engine analyses each incoming access request, gathers the necessary information from user profile data and any relevant external services, and determines whether it should be accepted or denied based on the business rules set up in the Advanced Policy Manager.


Advanced Policy Manager uses the following endpoint construction:


To access your instances of Advanced Policy Manage, replace {mydomain} with your Identity Cloud domain name. For example:

URI Parameters

Parameter Type Required Description
mydomain string Yes Name of your domain.


Advanced Policy Manager supports Basic HTTP authentication using Capture login_client credentials. To create the authorization code, combine your client ID and secret like this client_id + ":" + secret, then base64 encode the result.

Authorization string

Used to send the authorization code.


Authorization: Basic aW1fYV9saXR0bGVfdGVhX3BvdF9zaG9ydF9hbmRfc3Q6b3V0X2hlcmVfaXNfbXlfaGFuZGxlX2hlcmVfaXNfbXk=