Determine Access Privileges

Identity Cloud determines what access a user has as follows:

  1. Identity Cloud checks the onRequest script specified in router.json. By default, this script calls router-authz.js.

  2. If access requirements are not satisfied, Identity Cloud then checks for any privileges associated with the user's roles.

onResponse and onFailure scripts are supported when using privileges. onFailure scripts are called only if both the onRequest script and the privilege filter fail. onRequest, onResponse, and onFailure scripts are not required for the privilege mechanism.

Read a different version of :